You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

73 lines
2.3 KiB

  1. # -*- coding: utf-8 -*-
  2. from odoo import models, fields, api
  3. from .. import random_tokens
  4. class Client(models.Model):
  5. _name = 'galicea_openid_connect.client'
  6. _description = 'OpenID Connect client'
  7. name = fields.Char(required=True)
  8. auth_redirect_uri = fields.Char('Redirect URI for user login')
  9. client_id = fields.Char(
  10. string='Client ID',
  11. required=True,
  12. readonly=True,
  13. index=True,
  14. default=lambda _: random_tokens.lower_case(16),
  15. )
  16. secret = fields.Char(
  17. string='Client secret',
  18. required=True,
  19. readonly=True,
  20. default=lambda _: random_tokens.alpha_numeric(32),
  21. groups='galicea_openid_connect.group_admin'
  22. )
  23. system_user_id = fields.Many2one(
  24. 'res.users',
  25. 'Artificial user representing the client in client credentials requests',
  26. readonly=True,
  27. required=True,
  28. ondelete='restrict'
  29. )
  30. allow_password_grant = fields.Boolean(
  31. string='Allow OAuth2 password grant',
  32. default=False,
  33. )
  34. user_group_id = fields.Many2one(
  35. 'res.groups',
  36. 'Restrict the client to a group'
  37. )
  38. @api.model
  39. def __system_user_name(self, client_name):
  40. return '{} - API system user'.format(client_name)
  41. @api.model
  42. def create(self, values):
  43. if 'name' in values:
  44. system_user = self.env['res.users'].create({
  45. 'name': self.__system_user_name(values['name']),
  46. 'login': random_tokens.lower_case(8),
  47. 'groups_id': [(4, self.env.ref('galicea_openid_connect.group_system_user').id)]
  48. })
  49. # Do not include in the "Pending invitations" list
  50. system_user.sudo(system_user.id)._update_last_login()
  51. values['system_user_id'] = system_user.id
  52. return super(Client, self).create(values)
  53. @api.multi
  54. def write(selfs, values):
  55. super(Client, selfs).write(values)
  56. if 'name' in values:
  57. selfs.mapped(lambda client: client.system_user_id).write({
  58. 'name': selfs.__system_user_name(values['name'])
  59. })
  60. return True
  61. @api.multi
  62. def unlink(selfs):
  63. users_to_unlink = selfs.mapped(lambda client: client.system_user_id)
  64. ret = super(Client, selfs).unlink()
  65. users_to_unlink.unlink()
  66. return ret