OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
461 Commits
13 Branches
0 Tags
45 MiB
Tree: 81bb356b05
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '81bb356b05'
${ noResults }
server-tools/sql_export/sql_export.py

147 lines
5.2 KiB
Raw Normal View History

ADD sql_export module
10 years ago
  1. # -*- coding: utf-8 -*-
  2. ##############################################################################
  3. #
  4. # OpenERP, Open Source Management Solution
  5. # Copyright (C) 2015 Akretion (<http://www.akretion.com>).
  6. #
  7. # This program is free software: you can redistribute it and/or modify
  8. # it under the terms of the GNU Affero General Public License as
  9. # published by the Free Software Foundation, either version 3 of the
  10. # License, or (at your option) any later version.
  11. #
  12. # This program is distributed in the hope that it will be useful,
  13. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. # GNU Affero General Public License for more details.
  16. #
  17. # You should have received a copy of the GNU Affero General Public License
  18. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. #
  20. ##############################################################################
  22. import StringIO
  23. import base64
  24. import datetime
  25. import re
  26. from openerp.osv.orm import Model
  27. from openerp.osv import fields, orm
  28. from openerp.tools.translate import _
  29. from openerp.tools import DEFAULT_SERVER_DATETIME_FORMAT
  32. class SqlExport(Model):
  33. _name = "sql.export"
  34. _description = "SQL export"
  36. PROHIBITED_WORDS = [
  37. 'delete',
  38. 'drop',
  39. 'insert',
  40. 'alter',
  41. 'truncate',
  42. 'execute',
  43. 'create',
  44. 'update'
  45. ]
  47. def _check_query_allowed(self, cr, uid, ids, context=None):
  48. for obj in self.browse(cr, uid, ids, context=context):
  49. query = obj.query.lower()
  50. for word in self.PROHIBITED_WORDS:
  51. expr = r'\b%s\b' % word
  52. is_not_safe = re.search(expr, query)
  53. if is_not_safe:
  54. return False
  55. return True
  57. def _get_editor_group(self, cr, uid, *args):
  58. model_data_obj = self.pool['ir.model.data']
  59. return [model_data_obj.get_object_reference(
  60. cr, uid, 'sql_export', 'group_sql_request_editor')[1]]
  62. _columns = {
  63. 'name': fields.char('Name', required=True),
  64. 'query': fields.text(
  65. 'Query',
  66. required=True,
  67. help="You can't use the following word : delete, drop, create, "
  68. "insert, alter, truncate, execute, update"),
  69. 'copy_options': fields.char(
  70. 'Copy Options',
  71. required=True),
  72. 'group_ids': fields.many2many(
  73. 'res.groups',
  74. 'groups_sqlquery_rel',
  75. 'sql_id',
  76. 'group_id',
  77. 'Allowed Groups'),
  78. 'user_ids': fields.many2many(
  79. 'res.users',
  80. 'users_sqlquery_rel',
  81. 'sql_id',
  82. 'user_id',
  83. 'Allowed Users'),
  84. }
  86. _defaults = {
  87. 'group_ids': _get_editor_group,
  88. 'copy_options': "CSV HEADER DELIMITER ';'",
  89. }
  91. _constraints = [(_check_query_allowed,
  92. 'The query you want make is not allowed : prohibited '
  93. 'actions (%s)' % ', '.join(PROHIBITED_WORDS),
  94. ['query'])]
  96. def export_sql_query(self, cr, uid, ids, context=None):
  97. if not context:
  98. context = {}
  99. for obj in self.browse(cr, uid, ids, context=context):
  100. today = datetime.datetime.now()
  101. today_tz = fields.datetime.context_timestamp(
  102. cr, uid, today, context=context)
  103. date = today_tz.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
  104. output = StringIO.StringIO()
  105. query = "COPY (" + obj.query + ") TO STDOUT WITH " + \
  106. obj.copy_options
  107. cr.copy_expert(query, output)
  108. output.getvalue()
  109. new_output = base64.b64encode(output.getvalue())
  110. output.close()
  111. wiz = self.pool.get('sql.file.wizard').create(
  112. cr, uid,
  113. {
  114. 'file': new_output,
  115. 'file_name': obj.name + '_' + date + '.csv'})
  116. return {
  117. 'view_type': 'form',
  118. 'view_mode': 'form',
  119. 'res_model': 'sql.file.wizard',
  120. 'res_id': wiz,
  121. 'type': 'ir.actions.act_window',
  122. 'target': 'new',
  123. 'context': context,
  124. 'nodestroy': True,
  125. }
  127. def check_query_syntax(self, cr, uid, vals, context=None):
  128. if vals.get('query', False):
  129. vals['query'] = vals['query'].strip()
  130. if vals['query'][-1] == ';':
  131. vals['query'] = vals['query'][:-1]
  132. try:
  133. cr.execute(vals['query'])
  134. except:
  135. cr.rollback()
  136. raise orm.except_orm(_("Invalid Query"),
  137. _("The Sql query is not valid."))
  138. return vals
  140. def write(self, cr, uid, ids, vals, context=None):
  141. vals = self.check_query_syntax(cr, uid, vals, context=context)
  142. return super(SqlExport, self).write(
  143. cr, uid, ids, vals, context=context)
  145. def create(self, cr, uid, vals, context=None):
  146. vals = self.check_query_syntax(cr, uid, vals, context=context)
  147. return super(SqlExport, self).create(cr, uid, vals, context=context)