OCA
/
reporting-engine
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
OCA reporting engine fork for dev and update.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
12 Branches
0 Tags
11 MiB
Tree: c2752d55cd
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c2752d55cd'
${ noResults }
reporting-engine/bi_sql_editor/models/bi_sql_view.py

495 lines
17 KiB
Raw Normal View History

new module bi_sql_editor [IMP] function to guess model for many2one field; [ADD] security
7 years ago
  1. # -*- coding: utf-8 -*-
  2. # Copyright (C) 2017 - Today: GRAP (http://www.grap.coop)
  3. # @author: Sylvain LE GAL (https://twitter.com/legalsylvain)
  4. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
  6. import logging
  7. from psycopg2 import ProgrammingError
  9. from openerp import _, api, fields, models, SUPERUSER_ID
  10. from openerp.exceptions import Warning as UserError
  12. _logger = logging.getLogger(__name__)
  15. class BiSQLView(models.Model):
  16. _name = 'bi.sql.view'
  17. _inherit = ['sql.request.mixin']
  19. _sql_prefix = 'x_bi_sql_view_'
  21. _model_prefix = 'x_bi_sql_view.'
  23. _sql_request_groups_relation = 'bi_sql_view_groups_rel'
  25. _sql_request_users_relation = 'bi_sql_view_users_rel'
  27. _STATE_SQL_EDITOR = [
  28. ('model_valid', 'SQL View and Model Created'),
  29. ('ui_valid', 'Graph, action and Menu Created'),
  30. ]
  32. technical_name = fields.Char(
  33. string='Technical Name', required=True,
  34. help="Suffix of the SQL view. (SQL full name will be computed and"
  35. " prefixed by 'x_bi_sql_view_'. Should have correct"
  36. "syntax. For more information, see https://www.postgresql.org/"
  37. "docs/current/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS")
  39. view_name = fields.Char(
  40. string='View Name', compute='_compute_view_name', readonly=True,
  41. store=True, help="Full name of the SQL view")
  43. model_name = fields.Char(
  44. string='Model Name', compute='_compute_model_name', readonly=True,
  45. store=True, help="Full Qualified Name of the transient model that will"
  46. " be created.")
  48. is_materialized = fields.Boolean(
  49. string='Is Materialized View', default=True, readonly=True,
  50. states={'draft': [('readonly', False)]})
  52. materialized_text = fields.Char(
  53. compute='_compute_materialized_text', store=True)
  55. size = fields.Char(
  56. string='Database Size', readonly=True,
  57. help="Size of the materialized view and its indexes")
  59. state = fields.Selection(selection_add=_STATE_SQL_EDITOR)
  61. query = fields.Text(
  62. help="SQL Request that will be inserted as the view. Take care to :\n"
  63. " * set a name for all your selected fields, specially if you use"
  64. " SQL function (like EXTRACT, ...);\n"
  65. " * Do not use 'SELECT *' or 'SELECT table.*';\n"
  66. " * prefix the name of the selectable columns by 'x_';",
  67. default="SELECT\n"
  68. " my_field as x_my_field\n"
  69. "FROM my_table")
  71. domain_force = fields.Text(
  72. string='Extra Rule Definition', default="[]", help="Define here"
  73. " access restriction to data.\n"
  74. " Take care to use field name prefixed by 'x_'."
  75. " A global 'ir.rule' will be created."
  76. " A typical Multi Company rule is for exemple \n"
  77. " ['|', ('x_company_id','child_of', [user.company_id.id]),"
  78. "('x_company_id','=',False)].")
  80. has_group_changed = fields.Boolean(copy=False)
  82. bi_sql_view_field_ids = fields.One2many(
  83. string='SQL Fields', comodel_name='bi.sql.view.field',
  84. inverse_name='bi_sql_view_id')
  86. model_id = fields.Many2one(
  87. string='Odoo Model', comodel_name='ir.model', readonly=True)
  89. graph_view_id = fields.Many2one(
  90. string='Odoo Graph View', comodel_name='ir.ui.view', readonly=True)
  92. search_view_id = fields.Many2one(
  93. string='Odoo Search View', comodel_name='ir.ui.view', readonly=True)
  95. action_id = fields.Many2one(
  96. string='Odoo Action', comodel_name='ir.actions.act_window',
  97. readonly=True)
  99. menu_id = fields.Many2one(
  100. string='Odoo Menu', comodel_name='ir.ui.menu', readonly=True)
  102. cron_id = fields.Many2one(
  103. string='Odoo Cron', comodel_name='ir.cron', readonly=True,
  104. help="Cron Task that will refresh the materialized view")
  106. rule_id = fields.Many2one(
  107. string='Odoo Rule', comodel_name='ir.rule', readonly=True)
  109. # Compute Section
  110. @api.depends('is_materialized')
  111. @api.multi
  112. def _compute_materialized_text(self):
  113. for sql_view in self:
  114. sql_view.materialized_text =\
  115. sql_view.is_materialized and 'MATERIALIZED' or ''
  117. @api.depends('technical_name')
  118. @api.multi
  119. def _compute_view_name(self):
  120. for sql_view in self:
  121. sql_view.view_name = '%s%s' % (
  122. sql_view._sql_prefix, sql_view.technical_name)
  124. @api.depends('technical_name')
  125. @api.multi
  126. def _compute_model_name(self):
  127. for sql_view in self:
  128. sql_view.model_name = '%s%s' % (
  129. sql_view._model_prefix, sql_view.technical_name)
  131. @api.onchange('group_ids')
  132. def onchange_group_ids(self):
  133. if self.state not in ('draft', 'sql_valid'):
  134. self.has_group_changed = True
  136. # Overload Section
  137. @api.multi
  138. def unlink(self):
  139. non_draft_views = self.search([
  140. ('id', 'in', self.ids),
  141. ('state', 'not in', ('draft', 'sql_valid'))])
  142. if non_draft_views:
  143. raise UserError(_("You can only unlink draft views"))
  144. return self.unlink()
  146. @api.multi
  147. def copy(self, default=None):
  148. self.ensure_one()
  149. default = dict(default or {})
  150. default.update({
  151. 'name': _('%s (Copy)') % (self.name),
  152. 'technical_name': '%s_copy' % (self.technical_name),
  153. })
  154. return super(BiSQLView, self).copy(default=default)
  156. # Action Section
  157. @api.multi
  158. def button_create_sql_view_and_model(self):
  159. for sql_view in self:
  160. if sql_view.state != 'sql_valid':
  161. raise UserError(_(
  162. "You can only process this action on SQL Valid items"))
  163. # Create ORM and acess
  164. sql_view._create_model_and_fields()
  165. sql_view._create_model_access()
  167. # Create SQL View and indexes
  168. sql_view._create_view()
  169. sql_view._create_index()
  171. if sql_view.is_materialized:
  172. sql_view.cron_id = self.env['ir.cron'].create(
  173. sql_view._prepare_cron()).id
  174. sql_view.state = 'model_valid'
  176. @api.multi
  177. def button_set_draft(self):
  178. for sql_view in self:
  179. if sql_view.state in ('model_valid', 'ui_valid'):
  180. # Drop SQL View (and indexes by cascade)
  181. sql_view._drop_view()
  183. # Drop ORM
  184. sql_view._drop_model_and_fields()
  186. sql_view.graph_view_id.unlink()
  187. sql_view.action_id.unlink()
  188. sql_view.menu_id.unlink()
  189. sql_view.rule_id.unlink()
  190. if sql_view.cron_id:
  191. sql_view.cron_id.unlink()
  192. sql_view.write({'state': 'draft', 'has_group_changed': False})
  194. @api.multi
  195. def button_create_ui(self):
  196. self.graph_view_id = self.env['ir.ui.view'].create(
  197. self._prepare_graph_view()).id
  198. self.search_view_id = self.env['ir.ui.view'].create(
  199. self._prepare_search_view()).id
  200. self.action_id = self.env['ir.actions.act_window'].create(
  201. self._prepare_action()).id
  202. self.menu_id = self.env['ir.ui.menu'].create(
  203. self._prepare_menu()).id
  204. self.write({'state': 'ui_valid'})
  206. @api.multi
  207. def button_update_model_access(self):
  208. self._drop_model_access()
  209. self._create_model_access()
  210. self.write({'has_group_changed': False})
  212. @api.multi
  213. def button_refresh_materialized_view(self):
  214. self._refresh_materialized_view()
  216. @api.multi
  217. def button_open_view(self):
  218. return {
  219. 'type': 'ir.actions.act_window',
  220. 'res_model': self.model_id.model,
  221. 'view_id': self.graph_view_id.id,
  222. 'search_view_id': self.search_view_id.id,
  223. 'view_type': 'graph',
  224. 'view_mode': 'graph',
  225. }
  227. # Prepare Function
  228. @api.multi
  229. def _prepare_model(self):
  230. self.ensure_one()
  231. field_id = []
  232. for field in self.bi_sql_view_field_ids.filtered(
  233. lambda x: x.field_description is not False):
  234. field_id.append([0, False, field._prepare_model_field()])
  235. return {
  236. 'name': self.name,
  237. 'model': self.model_name,
  238. 'access_ids': [],
  239. 'field_id': field_id,
  240. }
  242. @api.multi
  243. def _prepare_model_access(self):
  244. self.ensure_one()
  245. res = []
  246. for group in self.group_ids:
  247. res.append({
  248. 'name': _('%s Access %s') % (
  249. self.model_name, group.full_name),
  250. 'model_id': self.model_id.id,
  251. 'group_id': group.id,
  252. 'perm_read': True,
  253. 'perm_create': False,
  254. 'perm_write': False,
  255. 'perm_unlink': False,
  256. })
  257. return res
  259. @api.multi
  260. def _prepare_cron(self):
  261. self.ensure_one()
  262. return {
  263. 'name': _('Refresh Materialized View %s') % (self.view_name),
  264. 'user_id': SUPERUSER_ID,
  265. 'model': 'bi.sql.view',
  266. 'function': 'button_refresh_materialized_view',
  267. 'args': repr(([self.id],))
  268. }
  270. @api.multi
  271. def _prepare_rule(self):
  272. self.ensure_one()
  273. return {
  274. 'name': _('Access %s') % (self.name),
  275. 'model_id': self.model_id.id,
  276. 'domain_force': self.domain_force,
  277. 'global': True,
  278. }
  280. @api.multi
  281. def _prepare_graph_view(self):
  282. self.ensure_one()
  283. return {
  284. 'name': self.name,
  285. 'type': 'graph',
  286. 'model': self.model_id.model,
  287. 'arch':
  288. """<?xml version="1.0"?>"""
  289. """<graph string="Analysis" type="pivot" stacked="True">{}"""
  290. """</graph>""".format("".join(
  291. [x._prepare_graph_field()
  292. for x in self.bi_sql_view_field_ids]))
  293. }
  295. @api.multi
  296. def _prepare_search_view(self):
  297. self.ensure_one()
  298. return {
  299. 'name': self.name,
  300. 'type': 'search',
  301. 'model': self.model_id.model,
  302. 'arch':
  303. """<?xml version="1.0"?>"""
  304. """<search string="Analysis">{}"""
  305. """<group expand="1" string="Group By">{}</group>"""
  306. """</search>""".format(
  307. "".join(
  308. [x._prepare_search_field()
  309. for x in self.bi_sql_view_field_ids]),
  310. "".join(
  311. [x._prepare_search_filter_field()
  312. for x in self.bi_sql_view_field_ids]))
  313. }
  315. @api.multi
  316. def _prepare_action(self):
  317. self.ensure_one()
  318. return {
  319. 'name': self.name,
  320. 'res_model': self.model_id.model,
  321. 'type': 'ir.actions.act_window',
  322. 'view_type': 'form',
  323. 'view_mode': 'graph',
  324. 'view_id': self.graph_view_id.id,
  325. 'search_view_id': self.search_view_id.id,
  326. }
  328. @api.multi
  329. def _prepare_menu(self):
  330. self.ensure_one()
  331. return {
  332. 'name': self.name,
  333. 'parent_id': self.env.ref('bi_sql_editor.menu_bi_sql_editor').id,
  334. 'action': 'ir.actions.act_window,%s' % (self.action_id.id),
  335. }
  337. # Custom Section
  338. def _log_execute(self, req):
  339. _logger.info("Executing SQL Request %s ..." % (req))
  340. self.env.cr.execute(req)
  342. @api.multi
  343. def _drop_view(self):
  344. for sql_view in self:
  345. self._log_execute(
  346. "DROP %s VIEW IF EXISTS %s" % (
  347. sql_view.materialized_text, sql_view.view_name))
  348. sql_view.size = False
  350. @api.multi
  351. def _create_view(self):
  352. for sql_view in self:
  353. sql_view._drop_view()
  354. try:
  355. self._log_execute(sql_view._prepare_request_for_execution())
  356. sql_view._refresh_size()
  357. except ProgrammingError as e:
  358. raise UserError(_(
  359. "SQL Error while creating %s VIEW %s :\n %s") % (
  360. sql_view.materialized_text, sql_view.view_name,
  361. e.message))
  363. @api.multi
  364. def _create_index(self):
  365. for sql_view in self:
  366. for sql_field in sql_view.bi_sql_view_field_ids.filtered(
  367. lambda x: x.is_index is True):
  368. self._log_execute(
  369. "CREATE INDEX %s ON %s (%s);" % (
  370. sql_field.index_name, sql_view.view_name,
  371. sql_field.name))
  373. @api.multi
  374. def _create_model_and_fields(self):
  375. for sql_view in self:
  376. # Create model
  377. sql_view.model_id = self.env['ir.model'].create(
  378. self._prepare_model()).id
  379. sql_view.rule_id = self.env['ir.rule'].create(
  380. self._prepare_rule()).id
  381. # Drop table, created by the ORM
  382. req = "DROP TABLE %s" % (sql_view.view_name)
  383. self.env.cr.execute(req)
  385. @api.multi
  386. def _create_model_access(self):
  387. for sql_view in self:
  388. for item in sql_view._prepare_model_access():
  389. self.env['ir.model.access'].create(item)
  391. @api.multi
  392. def _drop_model_access(self):
  393. for sql_view in self:
  394. self.env['ir.model.access'].search(
  395. [('model_id', '=', sql_view.model_name)]).unlink()
  397. @api.multi
  398. def _drop_model_and_fields(self):
  399. for sql_view in self:
  400. sql_view.model_id.unlink()
  402. @api.multi
  403. def _hook_executed_request(self):
  404. self.ensure_one()
  405. req = """
  406. SELECT attnum,
  407. attname AS column,
  408. format_type(atttypid, atttypmod) AS type
  409. FROM pg_attribute
  410. WHERE attrelid = '%s'::regclass
  411. AND NOT attisdropped
  412. AND attnum > 0
  413. ORDER BY attnum;""" % (self.view_name)
  414. self.env.cr.execute(req)
  415. return self.env.cr.fetchall()
  417. @api.multi
  418. def _prepare_request_check_execution(self):
  419. self.ensure_one()
  420. return "CREATE VIEW %s AS (%s);" % (self.view_name, self.query)
  422. @api.multi
  423. def _prepare_request_for_execution(self):
  424. self.ensure_one()
  425. query = """
  426. SELECT
  427. CAST(row_number() OVER () as integer) AS id,
  428. CAST(Null as timestamp without time zone) as create_date,
  429. CAST(Null as integer) as create_uid,
  430. CAST(Null as timestamp without time zone) as write_date,
  431. CAST(Null as integer) as write_uid,
  432. my_query.*
  433. FROM
  434. (%s) as my_query
  435. """ % (self.query)
  436. return "CREATE %s VIEW %s AS (%s);" % (
  437. self.materialized_text, self.view_name, query)
  439. @api.multi
  440. def _check_execution(self):
  441. """Ensure that the query is valid, trying to execute it.
  442. a non materialized view is created for this check.
  443. A rollback is done at the end.
  444. After the execution, and before the rollback, an analysis of
  445. the database structure is done, to know fields type."""
  446. self.ensure_one()
  447. sql_view_field_obj = self.env['bi.sql.view.field']
  448. columns = super(BiSQLView, self)._check_execution()
  449. field_ids = []
  450. for column in columns:
  451. existing_field = self.bi_sql_view_field_ids.filtered(
  452. lambda x: x.name == column[1])
  453. if existing_field:
  454. # Update existing field
  455. field_ids.append(existing_field.id)
  456. existing_field.write({
  457. 'sequence': column[0],
  458. 'sql_type': column[2],
  459. })
  460. else:
  461. # Create a new one if name is prefixed by x_
  462. if column[1][:2] == 'x_':
  463. field_ids.append(sql_view_field_obj.create({
  464. 'sequence': column[0],
  465. 'name': column[1],
  466. 'sql_type': column[2],
  467. 'bi_sql_view_id': self.id,
  468. }).id)
  470. # Drop obsolete view field
  471. self.bi_sql_view_field_ids.filtered(
  472. lambda x: x.id not in field_ids).unlink()
  474. if not self.bi_sql_view_field_ids:
  475. raise UserError(_(
  476. "No Column was found.\n"
  477. "Columns name should be prefixed by 'x_'."))
  479. return columns
  481. @api.multi
  482. def _refresh_materialized_view(self):
  483. for sql_view in self:
  484. req = "REFRESH %s VIEW %s" % (
  485. sql_view.materialized_text, sql_view.view_name)
  486. self._log_execute(req)
  487. sql_view._refresh_size()
  489. @api.multi
  490. def _refresh_size(self):
  491. for sql_view in self:
  492. req = "SELECT pg_size_pretty(pg_total_relation_size('%s'));" % (
  493. sql_view.view_name)
  494. self.env.cr.execute(req)
  495. sql_view.size = self.env.cr.fetchone()[0]