Browse Source

[ENH] Add option to auto encrypt password based on python syntax

myc-14.0-py3o
Kitti U 4 years ago
parent
commit
f1af8c100e
  1. 28
      report_qweb_encrypt/__manifest__.py
  2. 47
      report_qweb_encrypt/controllers/main.py
  3. 61
      report_qweb_encrypt/models/ir_actions_report.py
  4. 1
      report_qweb_encrypt/readme/CONTRIBUTORS.rst
  5. 6
      report_qweb_encrypt/readme/DESCRIPTION.rst
  6. 2
      report_qweb_encrypt/readme/USAGE.rst
  7. 10
      report_qweb_encrypt/static/src/js/report/action_manager_report.js
  8. 1
      report_qweb_encrypt/tests/__init__.py
  9. 33
      report_qweb_encrypt/tests/test_report_qweb_encrypt.py
  10. 9
      report_qweb_encrypt/views/ir_actions_report.xml

28
report_qweb_encrypt/__manifest__.py

@ -1,21 +1,21 @@
# Copyright 2020 Creu Blanca # Copyright 2020 Creu Blanca
# Copyright 2020 Ecosoft Co., Ltd.
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
{ {
'name': 'Report Qweb Encrypt',
'summary': """
Allow to encrypt qweb pdfs""",
'version': '12.0.1.0.0',
'license': 'AGPL-3',
'author': 'Creu Blanca,Odoo Community Association (OCA)',
'website': 'https://github.com/OCA/reporting-engine',
'depends': [
'web',
"name": "Report Qweb Encrypt",
"summary": "Allow to encrypt qweb pdfs",
"version": "12.0.1.0.0",
"license": "AGPL-3",
"author": "Creu Blanca,Ecosoft,Odoo Community Association (OCA)",
"website": "https://github.com/OCA/reporting-engine",
"depends": [
"web",
], ],
'data': [
'views/ir_actions_report.xml',
'templates/assets.xml'
],
'demo': [
"data": [
"views/ir_actions_report.xml",
"templates/assets.xml"
], ],
"installable": True,
"maintainers": ["kittiu"],
} }

47
report_qweb_encrypt/controllers/main.py

@ -1,42 +1,33 @@
# Copyright 2020 Creu Blanca
# Copyright 2020 Ecosoft Co., Ltd.
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from odoo.addons.web.controllers import main as report from odoo.addons.web.controllers import main as report
from odoo.http import route
from odoo.http import route, request
from werkzeug.urls import url_decode from werkzeug.urls import url_decode
import json import json
import logging
from io import BytesIO
_logger = logging.getLogger(__name__)
try:
from PyPDF2 import PdfFileReader, PdfFileWriter
except ImportError as err:
_logger.debug(err)
class ReportController(report.ReportController): class ReportController(report.ReportController):
@route() @route()
def report_download(self, data, token): def report_download(self, data, token):
result = super().report_download(data, token) result = super().report_download(data, token)
# When report is downloaded from print action, this function is called,
# but this function cannot pass context (manually entered password) to
# report.render_qweb_pdf(), encrypton for manual password is done here.
requestcontent = json.loads(data) requestcontent = json.loads(data)
url, type = requestcontent[0], requestcontent[1]
url, ttype = requestcontent[0], requestcontent[1]
if ( if (
type in ['qweb-pdf'] and
result.headers['Content-Type'] == "application/pdf" and
'?' in url
ttype in ["qweb-pdf"] and
result.headers["Content-Type"] == "application/pdf" and
"?" in url
): ):
url_data = dict(url_decode(url.split('?')[1]).items())
if 'context' in url_data:
context_data = json.loads(url_data['context'])
if 'encrypt_password' in context_data:
# We need to encrypt here because this function is not
# passing context, so we need to implement this again
url_data = dict(url_decode(url.split("?")[1]).items())
if "context" in url_data:
context = json.loads(url_data["context"])
if "encrypt_password" in context:
Report = request.env["ir.actions.report"]
data = result.get_data() data = result.get_data()
output_pdf = PdfFileWriter()
in_buff = BytesIO(data)
pdf = PdfFileReader(in_buff)
output_pdf.appendPagesFromReader(pdf)
output_pdf.encrypt(context_data['encrypt_password'])
buff = BytesIO()
output_pdf.write(buff)
result.set_data(buff.getvalue())
encrypted_data = Report._encrypt_pdf(
data, context["encrypt_password"])
result.set_data(encrypted_data)
return result return result

61
report_qweb_encrypt/models/ir_actions_report.py

@ -1,9 +1,13 @@
# Copyright 2020 Creu Blanca # Copyright 2020 Creu Blanca
# Copyright 2020 Ecosoft Co., Ltd.
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from odoo import fields, models
import time
import logging import logging
from odoo import fields, models, _
from io import BytesIO from io import BytesIO
from odoo.tools.safe_eval import safe_eval
from odoo.exceptions import ValidationError
_logger = logging.getLogger(__name__) _logger = logging.getLogger(__name__)
try: try:
@ -13,21 +17,56 @@ except ImportError as err:
class IrActionsReport(models.Model): class IrActionsReport(models.Model):
_inherit = "ir.actions.report"
_inherit = 'ir.actions.report'
encrypt = fields.Boolean()
encrypt = fields.Selection(
[("manual", "Manual Input Password"),
("auto", "Auto Generated Password")],
string="Encryption",
help="* Manual Input Password: allow user to key in password on the fly. "
"This option available only on document print action.\n"
"* Auto Generated Password: system will auto encrypt password when PDF "
"created, based on provided python syntax."
)
encrypt_password = fields.Char(
help="Python code syntax to gnerate password.",
)
def render_qweb_pdf(self, res_ids=None, data=None): def render_qweb_pdf(self, res_ids=None, data=None):
document, type = super(IrActionsReport, self).render_qweb_pdf(
document, ttype = super(IrActionsReport, self).render_qweb_pdf(
res_ids=res_ids, data=data) res_ids=res_ids, data=data)
if self.encrypt and self.env.context.get('encrypt_password', False):
password = self._get_pdf_password(res_ids[:1])
document = self._encrypt_pdf(document, password)
return document, ttype
def _get_pdf_password(self, res_id):
encrypt_password = False
if self.encrypt == "manual":
# If use document print action, report_download() is called,
# but that can't pass context (encrypt_password) here.
# As such, file will be encrypted by report_download() again.
# --
# Following is used just in case when context is passed in.
encrypt_password = self._context.get("encrypt_password", False)
elif self.encrypt == "auto" and self.encrypt_password:
obj = self.env[self.model].browse(res_id)
try:
encrypt_password = safe_eval(self.encrypt_password,
{'object': obj, 'time': time})
except:
raise ValidationError(
_("Python code used for encryption password is invalid.\n%s")
% self.encrypt_password)
return encrypt_password
def _encrypt_pdf(self, data, password):
if not password:
return data
output_pdf = PdfFileWriter() output_pdf = PdfFileWriter()
in_buff = BytesIO(document)
in_buff = BytesIO(data)
pdf = PdfFileReader(in_buff) pdf = PdfFileReader(in_buff)
output_pdf.appendPagesFromReader(pdf) output_pdf.appendPagesFromReader(pdf)
output_pdf.encrypt(self.env.context.get('encrypt_password'))
output_pdf.encrypt(password)
buff = BytesIO() buff = BytesIO()
output_pdf.write(buff) output_pdf.write(buff)
document = buff.getvalue()
return document, type
return buff.getvalue()

1
report_qweb_encrypt/readme/CONTRIBUTORS.rst

@ -1,2 +1,3 @@
* Enric Tobella <etobella@creublanca.es> * Enric Tobella <etobella@creublanca.es>
* Jaime Arroyo <jaime.arroyo@creublanca.es> * Jaime Arroyo <jaime.arroyo@creublanca.es>
* Kitti U. <kittiu@ecosoft.co.th>

6
report_qweb_encrypt/readme/DESCRIPTION.rst

@ -1,2 +1,4 @@
This module allows you to encrypt pdf files with a password when
downloading them.
This module allow you to encrypt PDF with a password seting option,
* Manually keyin password (only applicable for record print action)
* Auto generated password based on object data (python)

2
report_qweb_encrypt/readme/USAGE.rst

@ -1 +1 @@
To make a report encryptable mark the field `Encryptable` in the report record.
To make a report encryptable mark the field `Encryption` in the report record.

10
report_qweb_encrypt/static/src/js/report/action_manager_report.js

@ -49,11 +49,13 @@ odoo.define("report_qweb_encrypt.Dialog", function (require) {
ActionManager.include({ ActionManager.include({
_executeReportAction: function (action, options, password) { _executeReportAction: function (action, options, password) {
if (action.encrypt && password === undefined) {
if (action.encrypt === 'manual'
&& action.report_type === 'qweb-pdf'
&& password === undefined) {
EncryptDialog.askPassword(this, action, options); EncryptDialog.askPassword(this, action, options);
return $.Deferred()
return $.Deferred();
} }
else if (action.encrypt) {
else if (action.encrypt === 'manual') {
action.context = _.extend({}, action.context, { action.context = _.extend({}, action.context, {
encrypt_password: password, encrypt_password: password,
}) })
@ -62,7 +64,7 @@ odoo.define("report_qweb_encrypt.Dialog", function (require) {
}, },
_makeReportUrls: function (action) { _makeReportUrls: function (action) {
var reportUrls = this._super.apply(this, arguments); var reportUrls = this._super.apply(this, arguments);
if (action.encrypt && action.context.encrypt_password) {
if (action.encrypt === 'manual' && action.context.encrypt_password) {
if (_.isUndefined(action.data) || _.isNull(action.data) || if (_.isUndefined(action.data) || _.isNull(action.data) ||
(_.isObject(action.data) && _.isEmpty(action.data))) { (_.isObject(action.data) && _.isEmpty(action.data))) {
var serializedOptionsPath = '?context=' + encodeURIComponent(JSON.stringify({ var serializedOptionsPath = '?context=' + encodeURIComponent(JSON.stringify({

1
report_qweb_encrypt/tests/__init__.py

@ -0,0 +1 @@
from . import test_report_qweb_encrypt

33
report_qweb_encrypt/tests/test_report_qweb_encrypt.py

@ -0,0 +1,33 @@
# © 2016 Therp BV <http://therp.nl>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
from odoo.exceptions import ValidationError
from odoo.tests.common import HttpCase
class TestReportQwebEncrypt(HttpCase):
def test_report_qweb_no_encrypt(self):
ctx = {"force_report_rendering": True}
report = self.env.ref("web.action_report_internalpreview")
report.encrypt = False
pdf, _ = report.with_context(ctx).render_qweb_pdf([1])
self.assertFalse(pdf.count(b"/Encrypt"))
def test_report_qweb_auto_encrypt(self):
ctx = {"force_report_rendering": True}
report = self.env.ref("web.action_report_internalpreview")
report.encrypt = "auto"
report.encrypt_password = False
# If no encrypt_password, still not encrypted
pdf, _ = report.with_context(ctx).render_qweb_pdf([1])
self.assertFalse(pdf.count(b"/Encrypt"))
# If invalid encrypt_password, show error
report.encrypt_password = "invalid python syntax"
with self.assertRaises(ValidationError):
pdf, _ = report.with_context(ctx).render_qweb_pdf([1])
# Valid python string for password
report.encrypt_password = "'secretcode'"
pdf, _ = report.with_context(ctx).render_qweb_pdf([1])
self.assertTrue(pdf.count(b"/Encrypt"))
# TODO: test_report_qweb_manual_encrypt, require JS test?

9
report_qweb_encrypt/views/ir_actions_report.xml

@ -1,5 +1,6 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2020 Creu Blanca <!-- Copyright 2020 Creu Blanca
Copyright 2020 Ecosoft Co., LTd.
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). --> License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
<odoo> <odoo>
@ -10,11 +11,15 @@
<field name="inherit_id" ref="base.act_report_xml_view"/> <field name="inherit_id" ref="base.act_report_xml_view"/>
<field name="arch" type="xml"> <field name="arch" type="xml">
<field name="paperformat_id" position="after"> <field name="paperformat_id" position="after">
<label for="encrypt" attrs="{'invisible': [('report_type', 'not in', ('qweb-pdf', 'qweb-html'))]}"/>
<div name="encrypt" attrs="{'invisible': [('report_type', 'not in', ('qweb-pdf', 'qweb-html'))]}">
<field name="encrypt"/> <field name="encrypt"/>
<field name="encrypt_password"
attrs="{'invisible': [('encrypt', '!=', 'auto')]}"
placeholder="python syntax, i.e., (object.default_code or 'secretcode')"/>
</div>
</field> </field>
</field> </field>
</record> </record>
</odoo> </odoo>
Loading…
Cancel
Save