You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

50 lines
1.6 KiB

  1. # Copyright 2018 Creu Blanca
  2. # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
  3. from threading import current_thread
  4. from odoo import api, models, SUPERUSER_ID
  5. from odoo.service import wsgi_server
  6. class ResUsers(models.Model):
  7. _inherit = "res.users"
  8. # HACK https://github.com/odoo/odoo/issues/24183
  9. # TODO Remove in v12, and use normal odoo.http.request to get details
  10. @api.model_cr
  11. def _register_hook(self):
  12. """🐒-patch XML-RPC controller to know remote address."""
  13. super()._register_hook()
  14. original_fn = wsgi_server.application_unproxied
  15. def _patch(environ, start_response):
  16. current_thread().environ = environ
  17. return original_fn(environ, start_response)
  18. wsgi_server.application_unproxied = _patch
  19. @classmethod
  20. def _auth_check_remote(cls, login, method):
  21. """Force a method to raise an AccessDenied on falsey return."""
  22. with cls.pool.cursor() as cr:
  23. env = api.Environment(cr, SUPERUSER_ID, {})
  24. remote = env["res.users"].remote
  25. if remote:
  26. remote.ensure_one()
  27. return method()
  28. # Override all auth-related core methods
  29. @classmethod
  30. def _login(cls, db, login, password):
  31. return cls._auth_check_remote(
  32. login,
  33. lambda: super(ResUsers, cls)._login(db, login, password),
  34. )
  35. @classmethod
  36. def authenticate(cls, db, login, password, user_agent_env):
  37. return cls._auth_check_remote(
  38. login,
  39. lambda: super(ResUsers, cls).authenticate(
  40. db, login, password, user_agent_env),
  41. )