def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: self.save_session(request.cr, uid, request.context) return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = 'Login failed due to one of the following reasons:' values['reason1'] = '- Wrong login/password' values['reason2'] = '- User not allowed to have multiple logins' values['reason3'] = '- User not allowed to login at this specific time or day' return request.render('web.login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: self.save_session(request.cr, uid, request.context) return http.redirect_with_hash(redirect) request.uid = old_uid values[ 'error'] = 'Login failed due to one of the following reasons:' values['reason1'] = '- Wrong login/password' values['reason2'] = '- User not allowed to have multiple logins' values[ 'reason3'] = '- User not allowed to login at this specific time or day' return request.render('web.login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values[ 'error'] = "Login failed due to one of the following reasons" values['error2'] = "- Wrong login/password" values['error3'] = "- User already logged in from another system" return request.render('web.login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Login failed due to one of the following reasons" values['error2'] = "- Wrong login/password" values['error3'] = "- User already logged in from another system" return request.render('web.login', values)
def sign_in(self, redirect=None, **kw): request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate('demo', request.params['login'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('gpsi_website.ga/admin/login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/home' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "تسجيل الدخول خاطئ " return request.render('web.login', values)
def smart_login(self, redirect=None, **kw): #return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid) ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if request.httprequest.method == 'GET' and request.session.uid: # if request.httprequest.method == 'GET': return http.redirect_with_hash('/dashboard') if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/dashboard?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('smart_common.login', values)
def web_login(self, redirect=None, **kw): main.ensure_db() config = Controller.get_config_static(request, request.session.db) if config.get('login_cas', False) == u'True': res = self._cas_login(redirect) if res: return res if request.httprequest.method == 'GET' and redirect and \ request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate( request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values)
def web_login(self, redirect=None, **kw): ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid # remote_check_otp ??? do we need this? uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect('/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, **kw): if not request.registry.get('ir.sessions'): return super(Home_tkobr, self).web_login(redirect=redirect, **kw) _logger.debug('Authentication method: Home_tkobr.web_login !') openerp.addons.web.controllers.main.ensure_db() multi_ok = True calendar_set = 0 calendar_ok = False calendar_group = '' unsuccessful_message = '' now = datetime.now() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = False db = request.session.db login = request.params.get('login', None) password = request.params.get('password', None) (access_granted, uid, unsuccessful_message) = self.check_session(db, login, password) # if access_granted: # return http.redirect_with_hash(redirect) # >>> QTL ADD if access_granted and uid is not False: user = request.env['res.users'].browse(uid) if user.has_group('website_timecheck.group_timecheck_trial'): base_url = request.env['ir.config_parameter'].get_param( 'web.base.url') redirect = base_url + '/shop/special_offer' return http.redirect_with_hash(redirect) # <<< QTL ADD else: request.uid = old_uid values['error'] = _( 'Login failed due to one of the following reasons:') values['reason1'] = _('- Wrong login/password') values['reason2'] = _( '- User not allowed to have multiple logins') values['reason3'] = _( '- User not allowed to login at this specific time or day') return request.render('web.login', values)
def web_login(self, redirect=None, **kw): super(Home, self).web_login(redirect, **kw) request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: # 查找账号对应员工,如果员工hr.employee在草稿或者审批中,抛出错误。 admin_group_id = request.registry[ 'ir.model.data'].xmlid_to_res_id( request.cr, SUPERUSER_ID, 'base.group_configuration') request.cr.execute( "SELECT uid FROM res_groups_users_rel WHERE gid=%s and uid=%s", (admin_group_id, uid)) admin_id = request.cr.dictfetchall() # 网站设置管理员除外,不验证 if not admin_id: request.cr.execute( "SELECT id FROM resource_resource WHERE user_id=%s" % uid) employee_ids = request.cr.dictfetchall() if employee_ids: for employee_id in employee_ids[0]: request.cr.execute( "SELECT id,state FROM hr_employee WHERE resource_id=%s and (state=%s or state=%s)", (employee_ids[0][employee_id], 'underway', 'draft')) results = request.cr.dictfetchall() if results: values['error'] = _( "您的账号正在入职审批流程中,暂时无法使用,请耐心等待审批完成") return request.render('web.login', values) request.params['login_success'] = True if not redirect: redirect = '/web' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") return request.render('web.login', values)
def web_login(self, redirect=None, **kw): ''' Except for Administrator, Do not allow user to login if - User has no group profile - User has group profile, but group profile has no inherited group and access rights ''' redirect = '' main.ensure_db() method = request.httprequest.method # @UndefinedVariable if method == 'GET' and redirect and \ request.session.uid: # @UndefinedVariable return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() # @UndefinedVariable if not redirect: redirect = '/web?' + \ request.httprequest.query_string # @UndefinedVariable values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': # @UndefinedVariable old_uid = request.uid uid = request.session.authenticate( # @UndefinedVariable request.session.db, # @UndefinedVariable request.params['login'], request.params['password']) if uid: # Allowing Admin to login (Admin has no profile) if uid == 1: return http.redirect_with_hash(redirect) user = request.env['res.users'].sudo().browse(request.uid) group = user.group_profile_id group_inherits = group and group.implied_ids or False model_access = group and group.model_access or False if group and (group_inherits or model_access): return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" if request.env.ref('web.login', False): # @UndefinedVariable return request.render('web.login', values) # @UndefinedVariable else: # probably not an odoo compatible database error = 'Unable to login on database %s' % \ request.session.db # @UndefinedVariable return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID abc = get_my_conf() values = request.params.copy() values['title'] = abc.get('title') values['power_by'] = abc.get('power_by') logo = abc.get('logo') icon = abc.get('icon') or "" if logo: fh = open( '%s/%s' % (os.path.dirname(__file__).replace( 'controllers', ""), 'static/src/img/company_logo.gif'), 'wb') fh.write(logo.decode('base64')) fh.close() # if icon: fh = open( '%s/%s' % (os.path.dirname(__file__).replace( 'controllers', ""), 'static/src/img/favicon.ico'), 'wb') fh.write(icon.decode('base64')) fh.close() values['logo'] = abc.get('logo') if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, **kw): """redefind function to make username in login case-insensitive """ ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid username_lcase = (request.params['login']).lower() login_list = {} params_login = '' users = request.registry['res.users'].search( request.cr, openerp.SUPERUSER_ID, [('id', '>', 0)]) for user in request.registry['res.users'].browse( request.cr, openerp.SUPERUSER_ID, users): login_list[user.login.lower()] = user.login for user2 in login_list: if request.params['login'].lower() == user2: params_login = login_list[user2] uid = request.session.authenticate(request.session.db, params_login, request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def payment_pay2user(self, **post): """ Payment Judgement""" cr, uid, context, pool = request.cr, request.uid, request.context, request.registry user = pool.get('res.users').browse(cr, SUPERUSER_ID, uid, context=context) # 如果没有设置实名或收款方式,则跳到相应的页面 if (not user.partner_id.name_real) or ( not user.partner_id.default_acquirer_id): return http.redirect_with_hash( '/payment/parameters/?redirect=/payment/pay2user/') # 计算'提现中'的佣金 if user.partner_id: user.partner_id.action_calc_commission() inv_obj = pool.get('account.invoice') ids = inv_obj.search(cr, SUPERUSER_ID, [('partner_id', '=', user.partner_id.id)], context=context) commissions = inv_obj.browse(cr, SUPERUSER_ID, ids, context=context) return request.website.render("mobile_payment.payment_pay2user", { 'user': user, 'commissions': commissions })
def supplier_info_save(self, supplierinfo=None, **post): if supplierinfo.name != request.env.user.partner_id: return request.website.render('website.404') supplierinfo = supplierinfo.sudo() form_vals = self.supplierinfo_field_parse(post) values = self._prepare_render_values(supplierinfo, form_vals) values['error'] = self.check_product_form_validate(form_vals) if values["error"]: return request.website.render( "website_product_supplier.product", values) try: form_vals.update({ 'pricelist_ids': [(1, supplierinfo.pricelist_ids[0].id, { 'min_quantity': post.get('min_quantity', 0.0), 'price': post.get('price', 0.0)})]}) supplierinfo.write(self._prepare_supplierinfo_values( supplierinfo, supplierinfo.product_tmpl_id, form_vals, post)) except: values.update(error={'error_name': 'Invalid fields'}) return request.website.render( "website_product_supplier.product", values) return http.redirect_with_hash( '/my/supplier/product/%s' % supplierinfo.id)
def sign_up(self, redirect=None, **kw): if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None try: company = request.env['res.company'].create_gaudit( kw['company'], kw['email']) user = request.env['res.users'].create_gaudit_owner( kw['username'], kw['email'], kw['password'], company.id) except AuditiiException as e: values['create_error'] = "Email already exist!" values['creating_account'] = True uid = request.session.authenticate(DB_NAME, request.params['email'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) return request.render('gpsi_auditii.admin/login', values)
def web_login(self, *args, **kw): res = super(AuthSignup, self).web_login(*args, **kw) if request.session.uid: user = request.env['res.users'].browse(request.session.uid) if not user.has_group('base.group_user'): return http.redirect_with_hash('/') return res
def web_login(self, *args, **kw): ensure_db() if request.httprequest.method == 'GET' and request.session.uid and request.params.get( 'redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) providers = self.list_providers() response = super(OAuthLogin, self).web_login(*args, **kw) if response.is_qweb: error = request.params.get('oauth_error') if error == '1': error = _("Sign up is not allowed on this database.") elif error == '2': error = _("Access Denied") elif error == '3': error = _( "You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email." ) else: error = None response.qcontext['providers'] = providers if error: response.qcontext['error'] = error return response
def sign_up(self, redirect=None, **kw): if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None company = request.env['res.company'].sudo().create({ 'name': request.params['company'], 'rml_header1': False, 'email': request.params['email'], 'currency_id': request.env['res.currency'].sudo().search([('name','=','USD')]).id }) user = request.env['res.users'].sudo().create({ 'name': request.params['username'], 'login': request.params['email'], 'password': request.params['password'], 'company_id': company.id, 'company_ids': [(4, company.id, False)] }) uid = request.session.authenticate('demo', request.params['email'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) return request.render('gpsi_website.ga/admin/login', values)
def login_token(self,token,**post): user_obj = request.env['res.users'].sudo() uid = request.session.authenticate(request.session.db, token, '') if uid is not False: user = user_obj.browse(uid) request.params['login_success'] = True return http.redirect_with_hash(user.redirect or '/web')
def redirect_paginas(self, pagina): prod_env = request.env['page.redirect'].sudo() item = prod_env.search([('rota', '=', pagina)]) if item: return http.redirect_with_hash(u'/%s' % item.nova_rota) else: return request.website.render("website.404")
def web_login(self, *args, **kw): ensure_db() response = super(AuthSignupHome, self).web_login(*args, **kw) response.qcontext.update(self.get_auth_signup_config()) if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) return response
def redirect_category(self, categoria): prod_env = request.env['product.public.category'].sudo() item = prod_env.search([('rota', '=', categoria)]) if len(item) >= 1: url = "/shop/category/%s" % slug(item[0]) return http.redirect_with_hash(url) else: return request.website.render("website_sale.404")
def web_login(self, redirect=None, *args, **kw): r = super(Website, self).web_login(redirect=redirect, *args, **kw) if not redirect and request.params['login_success']: if request.registry['res.users'].has_group(request.cr, request.uid, 'base.group_user'): redirect = '/web?' + request.httprequest.query_string else: redirect = '/' return http.redirect_with_hash(redirect) return r
def web_login(self, redirect=None, **kw): #ensure_db() if (request.httprequest.method == 'GET' and redirect and request.session.uid ): return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid serial_id = request.params['serial_id'] users_obj = request.registry.get('res.users') user_vals = users_obj.search_read( request.cr, openerp.SUPERUSER_ID, [('serial_id', '=', serial_id)], ['id', 'login'] ) if user_vals: login = user_vals[0]['login'] password = serial_id uid = request.session.authenticate( request.session.db, login, password ) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _('Wrong Serial Id') return request.render('login_serial.login', values)
def redirect(self, res, **kw): redirect = kw.get('redirect', '') if request.session.uid and (not redirect or '/web?' in redirect): params = parse_qs(urlparse(redirect).query, keep_blank_values=True) return_url = params.pop('redirect', ['/'])[0] if '/web?' in return_url: return_url = '/' return_url = '%s?%s' % (return_url, urlencode(params)) return http.redirect_with_hash(return_url) return res
def web_login(self, redirect=None, **kw): ensure_db() processed_params = None if redirect: result = urlparse.urlparse(redirect) if 'code' in urlparse.parse_qs(result.fragment): processed_params = urlparse.parse_qs(result.fragment) elif 'code' in urlparse.parse_qs(result.query): processed_params = urlparse.parse_qs(result.query) elif 'code' in urlparse.parse_qs(result.params): processed_params = urlparse.parse_qs(result.query) if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) elif request.httprequest.method == 'GET' and redirect and processed_params: user = self.get_user_id(processed_params) if user: uid = request.session.authenticate(request.session.db, login=user[0], password='******', uid=user[1]) if uid is not False: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/mobile?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('odoosoft_mobile.login', values)
def web_login(self, *args, **kw): mode = request.params.get('mode') qcontext = request.params.copy() super_response = None if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) if request.httprequest.method != 'POST' or mode not in ('reset', 'signup'): # Default behavior is to try to login, which in reset or signup mode in a non-sense. super_response = super(AuthSignup, self).web_login(*args, **kw) response = webmain.render_bootstrap_template(request.session.db, 'auth_signup.signup', qcontext, lazy=True) if isinstance(super_response, LazyResponse): response.params['values'].update(super_response.params['values']) token = qcontext.get('token', None) token_infos = None if token: try: # retrieve the user info (name, login or email) corresponding to a signup token res_partner = request.registry.get('res.partner') token_infos = res_partner.signup_retrieve_info(request.cr, openerp.SUPERUSER_ID, token) for k, v in token_infos.items(): qcontext.setdefault(k, v) except: qcontext['error'] = _("Invalid signup token") response.params['template'] = 'web.login' return response # retrieve the module config (which features are enabled) for the login page icp = request.registry.get('ir.config_parameter') config = { 'signup': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.allow_uninvited') == 'True', 'reset': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.reset_password') == 'True', } qcontext.update(config) if 'error' in request.params or mode not in ('reset', 'signup') or (not token and not config[mode]): if isinstance(super_response, LazyResponse): super_response.params['values'].update(config) return super_response if request.httprequest.method == 'GET': if token_infos: qcontext.update(token_infos) else: res_users = request.registry.get('res.users') login = request.params.get('login') if mode == 'reset' and not token: try: res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login) qcontext['message'] = _("An email has been sent with credentials to reset your password") response.params['template'] = 'web.login' except Exception, e: qcontext['error'] = exception_to_unicode(e) or _("Could not reset your password") _logger.exception('error when resetting password') else:
def sudo_login_as(self, **post): if request.params['user_id'] and request.params[ 'login'] and request.params['password']: user = request.env['res.users'].sudo().browse( int(request.params['user_id'])) request.session['context']['lang'] = user.lang request.session['context']['uid'] = user.id request.session['uid'] = user.id request.session['login'] = request.params['login'] request.session['password'] = request.params['password'] return http.redirect_with_hash('/')
def web_login_saass(self,**kw): request.params['login_success'] = False old_uid = request.uid uid = request.session.authenticate(kw['database'], kw['username'], kw['pass']) if uid is not False: request.params['login_success'] = True redirect = '/web' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") return request.render('web.login', values)
def redirect_product(self, categoria, produto): prod_env = request.env['product.template'].sudo() categ_env = request.env['product.public.category'].sudo() categ = categ_env.search([('rota', '=', categoria)]) item = prod_env.search([('rota', '=', produto), ('public_categ_ids', 'in', categ.ids)]) if len(item) >= 1: url = "/shop/product/%s" % slug(item[0]) return http.redirect_with_hash(url) else: return request.website.render("website_sale.404")
def get_redirected_url(self, values, kwargs): values = {} for field in ['redirect_url']: if kwargs.get(field): values[field] = kwargs.pop(field) values.update(kwargs=kwargs.items()) if values.get('redirect_url'): url = values.get('redirect_url') else: url = 'http://www.google.com' return http.redirect_with_hash(url)
def _build_debug_response(self): result = None try: query = request.params query.update({'debug': u''}) url = '/web?' + werkzeug.url_encode(query) result = redirect_with_hash(url) except Exception as ex: _logger.error(self._error_response.format(ex)) return result
def web_login(self, redirect=None, **kw): main.ensure_db() request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = odoo.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except odoo.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid database = 'Backoffice24' for db_name in odoo.service.db.list_dbs(force=False): db = odoo.sql_db.db_connect(db_name) with closing(db.cursor()) as cr: cr.execute('SELECT login FROM res_users ORDER BY login') rec = cr.fetchall() if (request.params['login'],) in rec: database = db_name break odoo.tools.config['dbfilter'] = database username = request.params['login'] uid = request.session.authenticate(database, username, request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/web' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") return request.render('web.login', values)
def web_login(self, *args, **kw): ensure_db() response = super(PasswordSecurityHome, self).web_login(*args, **kw) if not request.httprequest.method == 'POST': return response uid = request.session.authenticate( request.session.db, request.params['login'], request.params['password'] ) if not uid: return response users_obj = request.env['res.users'].sudo() user_id = users_obj.browse(request.uid) if not user_id._password_has_expired(): return response user_id.action_expire_password() redirect = user_id.partner_id.signup_url return http.redirect_with_hash(redirect)
def login_shop(self, redirect=None, **kw): #response = self.web_login_shop(*args, **kw) web.ensure_db() values = request.params.copy() if not redirect: redirect = '/shop?' + request.httprequest.query_string values['redirect'] = redirect if request.httprequest.method == 'POST': uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) values['error'] = _("Wrong login/password") response = super(Home_extend, self).web_login(redirect=redirect, **kw) if isinstance(response, LazyResponse): values = dict(response.params['values'], disable_footer=True) response = request.website.render(response.params['template'], values) return response
def sudo_login(self, redirect=None, **post): cr, uid, context, pool = request.cr, request.uid, request.context, request.registry res_users = pool.get('res.users').browse(cr,uid,uid) values={} if request.httprequest.method == 'POST': # Check if user can do sudo request.session.sudo_id = request.uid request.uid = pool.get('res.users').search(cr,uid,[('login','=',request.params['login'])])[0] request.session.uid = request.uid _logger.warning("Sudo: %s (%s)" % (request.uid,request.session.sudo_id)) #uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) # if uid is not False: return http.redirect_with_hash(redirect) # request.uid = old_uid #values['error'] = "Wrong login/password" # values['res_users'] = pool.get('res.users').search(cr,uid,['&',('id','<>',uid),('company_id','=',res_users.company_id.id)]) # Check if user can do Sudo values['res_users'] = pool.get('res.users').browse(cr,uid,pool.get('res.users').search(cr,uid,[])) return request.render('auth_sudo.login', values)
def web_login(self, *args, **kw): if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) providers = self.list_providers() response = super(OAuthLogin, self).web_login(*args, **kw) if isinstance(response, LazyResponse): error = request.params.get('oauth_error') if error == '1': error = _("Sign up is not allowed on this database.") elif error == '2': error = _("Access Denied") elif error == '3': error = _("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email.") else: error = None response.params['values']['providers'] = providers if error: response.params['values']['error'] = error return response
def web_login(self, *args, **kw): ensure_db() if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) providers = self.list_providers() response = super(OAuthLogin, self).web_login(*args, **kw) if response.is_qweb: error = request.params.get('oauth_error') if error == '1': error = _("Sign up is not allowed on this database.") elif error == '2': error = _("Access Denied") elif error == '3': error = _("Only Email address with Hytechpro and Melimu domain is authorized to login into the application.") else: error = None response.qcontext['providers'] = providers if error: response.qcontext['error'] = error return response
def web_login(self, redirect=None, **kw): ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) cr, context = request.cr, request.context pos_session = request.registry('pos.session') def check_contraints(config_id): check, value = False,None domain = [ ('state', '!=', 'closed'), ('config_id', '=', config_id) ] if pos_session.search_count(cr, uid, domain, context=context)>0: check, value = True, "You cannot create two active sessions related to the same point of sale. Contact Administrator!" domain = [ ('state', 'not in', ('closed','closing_control')), ('user_id', '=', uid) ] if pos_session.search_count(cr, uid, domain, context=context)>0: check, value = True, "You cannot create two active sessions with the same responsible. Contact Administrator!" return check, value if uid is not False: user = request.registry['res.users'].browse(cr, uid, uid, context) is_manager = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_manager") if not is_manager: is_user = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_user") if is_user: current_user = request.registry('res.users').browse(cr, uid, uid, context= context) pos_config_id = current_user.pos_config and current_user.pos_config.id or False if not pos_config_id: r = request.registry('pos.config').search(cr, uid, [], context=context) pos_config_id = r and r[0] or False check, error = check_contraints(pos_config_id) if check: values['error'] = error return request.render('web.login', values) session_id = pos_session.create(cr, uid, {'user_id' : uid,'config_id' : pos_config_id}, context=context) if pos_session.browse(cr, uid, session_id, context=context).state == 'opened': redirect = redirect.replace("/web","/pos/web") else: #To do code for manager pass return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values)
if mode == 'reset' and not token: try: res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login) qcontext['message'] = _("An email has been sent with credentials to reset your password") response.params['template'] = 'web.login' except Exception, e: qcontext['error'] = exception_to_unicode(e) or _("Could not reset your password") _logger.exception('error when resetting password') else: values = dict((key, qcontext.get(key)) for key in ('login', 'name', 'password')) try: self._signup_with_values(token, values) redirect = request.params.get('redirect') if not redirect: redirect = '/web?' + request.httprequest.query_string return http.redirect_with_hash(redirect) except SignupError, e: qcontext['error'] = exception_to_unicode(e) return response def _signup_with_values(self, token, values): db, login, password = request.registry['res.users'].signup(request.cr, openerp.SUPERUSER_ID, values, token) request.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction uid = request.session.authenticate(db, login, password) if not uid: raise SignupError(_('Authentification Failed.')) # vim:expandtab:tabstop=4:softtabstop=4:shiftwidth=4: