You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

65 lines
2.6 KiB

9 years ago
9 years ago
  1. # -*- coding: utf-8 -*-
  2. ##############################################################################
  3. #
  4. # Author: Laurent Mignon
  5. # Copyright 2014 'ACSONE SA/NV'
  6. #
  7. # This program is free software: you can redistribute it and/or modify
  8. # it under the terms of the GNU Affero General Public License as
  9. # published by the Free Software Foundation, either version 3 of the
  10. # License, or (at your option) any later version.
  11. #
  12. # This program is distributed in the hope that it will be useful,
  13. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. # GNU Affero General Public License for more details.
  16. #
  17. # You should have received a copy of the GNU Affero General Public License
  18. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. #
  20. ##############################################################################
  21. from openerp.modules.registry import RegistryManager
  22. from openerp.osv import orm, fields
  23. from openerp import SUPERUSER_ID
  24. import openerp.exceptions
  25. from openerp.addons.auth_from_http_remote_user import utils
  26. class res_users(orm.Model):
  27. _inherit = 'res.users'
  28. _columns = {
  29. 'sso_key': fields.char('SSO Key', size=utils.KEY_LENGTH,
  30. readonly=True),
  31. }
  32. def copy(self, cr, uid, id, default=None, context=None):
  33. default = default = {} if default is None else default
  34. default['sso_key'] = False
  35. return super(res_users, self).copy(cr, uid, id, default, context)
  36. def check_credentials(self, cr, uid, password):
  37. try:
  38. return super(res_users, self).check_credentials(cr, uid, password)
  39. except openerp.exceptions.AccessDenied:
  40. res = self.search(cr, SUPERUSER_ID, [('id', '=', uid),
  41. ('sso_key', '=', password)])
  42. if not res:
  43. raise openerp.exceptions.AccessDenied()
  44. def check(self, db, uid, passwd):
  45. try:
  46. return super(res_users, self).check(db, uid, passwd)
  47. except openerp.exceptions.AccessDenied:
  48. if not passwd:
  49. raise
  50. with RegistryManager.get(db).cursor() as cr:
  51. cr.execute('''SELECT COUNT(1)
  52. FROM res_users
  53. WHERE id=%s
  54. AND sso_key=%s
  55. AND active=%s''', (int(uid), passwd, True))
  56. if not cr.fetchone()[0]:
  57. raise
  58. self._uid_cache.setdefault(db, {})[uid] = passwd