OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1798 Commits
13 Branches
0 Tags
45 MiB
Tree: 6b8bf8dcba
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6b8bf8dcba'
${ noResults }
server-tools/oauth_provider/models/oauth_provider_token.py

99 lines
3.7 KiB
Raw Normal View History

[ADD] Add oauth_provider module
8 years ago
  1. # -*- coding: utf-8 -*-
  2. # Copyright 2016 SYLEAM
  3. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
  5. from openerp import models, api, fields, exceptions, _
  8. class OAuthProviderToken(models.Model):
  9. _name = 'oauth.provider.token'
  10. _description = 'OAuth Provider Token'
  11. _rec_name = 'token'
  13. token = fields.Char(required=True, help='The token itself.')
  14. token_type = fields.Selection(
  15. selection=[('Bearer', 'Bearer')], required=True, default='Bearer',
  16. help='Type of token stored. Currently, only the bearer token type is '
  17. 'available.')
  18. refresh_token = fields.Char(
  19. help='The refresh token, if applicable.')
  20. client_id = fields.Many2one(
  21. comodel_name='oauth.provider.client', string='Client', required=True,
  22. help='Client associated to this token.')
  23. user_id = fields.Many2one(
  24. comodel_name='res.users', string='User', required=True,
  25. help='User associated to this token.')
  26. scope_ids = fields.Many2many(
  27. comodel_name='oauth.provider.scope', string='Scopes',
  28. help='Scopes allowed by this token.')
  29. expires_at = fields.Datetime(
  30. required=True, help='Expiration time of the token.')
  31. active = fields.Boolean(
  32. compute='_compute_active', search='_search_active',
  33. help='A token is active only if it has not yet expired.')
  35. _sql_constraints = [
  36. ('token_unique', 'UNIQUE (token, client_id)',
  37. 'The token must be unique per client !'),
  38. ('refresh_token_unique', 'UNIQUE (refresh_token, client_id)',
  39. 'The refresh token must be unique per client !'),
  40. ]
  42. @api.multi
  43. def _compute_active(self):
  44. for token in self:
  45. token.active = fields.Datetime.now() < token.expires_at
  47. @api.model
  48. def _search_active(self, operator, operand):
  49. domain = []
  50. if operator == 'in':
  51. if True in operand:
  52. domain += self._search_active('=', True)
  53. if False in operand:
  54. domain += self._search_active('=', False)
  55. if len(domain) > 1:
  56. domain = [(1, '=', 1)]
  57. elif operator == 'not in':
  58. if True in operand:
  59. domain += self._search_active('!=', True)
  60. if False in operand:
  61. domain += self._search_active('!=', False)
  62. if len(domain) > 1:
  63. domain = [(0, '=', 1)]
  64. elif operator in ('=', '!='):
  65. operators = {
  66. ('=', True): '>',
  67. ('=', False): '<=',
  68. ('!=', False): '>',
  69. ('!=', True): '<=',
  70. }
  71. domain = [('expires_at', operators[operator, operand],
  72. fields.Datetime.now())]
  73. else:
  74. raise exceptions.UserError(
  75. _('Invalid operator {operator} for field active!').format(
  76. operator=operator))
  78. return domain
  80. @api.multi
  81. def generate_user_id(self):
  82. """ Generates a unique user identifier for this token """
  83. self.ensure_one()
  85. return self.client_id.generate_user_id(self.user_id)
  87. @api.multi
  88. def get_data_for_model(self, model, res_id=None, all_scopes_match=False):
  89. """ Returns the data of the accessible records of the requested model,
  91. Data are returned depending on the allowed scopes for the token
  92. If the all_scopes_match argument is set to True, return only records
  93. allowed by all token's scopes
  94. """
  95. self.ensure_one()
  97. # Retrieve records allowed from all scopes
  98. return self.sudo(user=self.user_id).scope_ids.get_data_for_model(
  99. model, res_id=res_id, all_scopes_match=all_scopes_match)