You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

83 lines
3.1 KiB

  1. # -*- encoding: utf-8 -*-
  2. ##############################################################################
  3. #
  4. # Authentification - Track And Prevent Brute-force Attack module for Odoo
  5. # Copyright (C) 2015-Today GRAP (http://www.grap.coop)
  6. # @author Sylvain LE GAL (https://twitter.com/legalsylvain)
  7. #
  8. # This program is free software: you can redistribute it and/or modify
  9. # it under the terms of the GNU Affero General Public License as
  10. # published by the Free Software Foundation, either version 3 of the
  11. # License, or (at your option) any later version.
  12. #
  13. # This program is distributed in the hope that it will be useful,
  14. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. # GNU Affero General Public License for more details.
  17. #
  18. # You should have received a copy of the GNU Affero General Public License
  19. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  20. #
  21. ##############################################################################
  22. import urllib
  23. import json
  24. from openerp import models, fields, api
  25. from openerp.tools.translate import _
  26. class ResBannedRemote(models.Model):
  27. _name = 'res.banned.remote'
  28. _GEOLOCALISATION_URL = "http://ip-api.com/json/{}"
  29. # Default Section
  30. def _default_ban_date(self):
  31. return fields.Datetime.now()
  32. # Column Section
  33. name = fields.Char(
  34. string='Name', compute='_compute_remote_description',
  35. store=True, multi='remote_description', required=True)
  36. description = fields.Text(
  37. string='Description', compute='_compute_remote_description',
  38. store=True, multi='remote_description')
  39. ban_date = fields.Datetime(
  40. string='Ban Date', required=True, default=_default_ban_date)
  41. remote = fields.Char(string='Remote ID', required=True)
  42. active = fields.Boolean(
  43. string='Active', help="Uncheck this box to unban the remote",
  44. default=True)
  45. attempt_ids = fields.Many2many(
  46. comodel_name='res.authentication.attempt', string='Attempts',
  47. compute='_compute_attempt_ids')
  48. # Compute Section
  49. @api.multi
  50. @api.depends('remote')
  51. def _compute_remote_description(self):
  52. for item in self:
  53. url = self._GEOLOCALISATION_URL.format(item.remote)
  54. res = json.loads(urllib.urlopen(url).read())
  55. item.description = ''
  56. for k, v in res.iteritems():
  57. item.description += '%s : %s\n' % (k, v)
  58. if res.get('status', False) == 'success':
  59. item.name = _("%s %s - %s %s (ISP: %s)" % (
  60. res.get('country', ''), res.get('regionName', ''),
  61. res.get('zip', ''), res.get('city'),
  62. res.get('isp', '')))
  63. else:
  64. item.name = _('Unidentified Call from %s' % (item.remote))
  65. @api.multi
  66. def _compute_attempt_ids(self):
  67. for item in self:
  68. attempt_obj = self.env['res.authentication.attempt']
  69. item.attempt_ids = attempt_obj.search_last_failed(item.remote).ids