Browse Source
[ADD] auth_admin_passkey that allows admin user (uid=1) to login with
[ADD] auth_admin_passkey that allows admin user (uid=1) to login with
any login and his passwordpull/2/head
unknown
11 years ago
committed by
Holger Brunn
10 changed files with 616 additions and 0 deletions
-
23auth_admin_passkey/__init__.py
-
66auth_admin_passkey/__openerp__.py
-
34auth_admin_passkey/data/ir_config_parameter.xml
-
101auth_admin_passkey/i18n/auth_admin_passkey.pot
-
108auth_admin_passkey/i18n/fr.po
-
24auth_admin_passkey/model/__init__.py
-
76auth_admin_passkey/model/res_config.py
-
137auth_admin_passkey/model/res_users.py
-
BINauth_admin_passkey/static/src/img/icon.png
-
47auth_admin_passkey/view/res_config_view.xml
@ -0,0 +1,23 @@ |
|||||
|
# -*- encoding: utf-8 -*- |
||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
|
||||
|
from . import model |
@ -0,0 +1,66 @@ |
|||||
|
# -*- encoding: utf-8 -*- |
||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
|
||||
|
{ |
||||
|
'name': 'Authentification - Admin Passkey', |
||||
|
'version': '2.1', |
||||
|
'category': 'base', |
||||
|
'description': """ |
||||
|
Admin password become a passkey for all active logins |
||||
|
===================================================== |
||||
|
|
||||
|
Functionality : |
||||
|
--------------- |
||||
|
* Administrator has now the possibility to login in with any login; |
||||
|
* By default, OpenERP will send a mail to user and admin to indicate them; |
||||
|
* If a user and the admin have the same password, admin will be informed; |
||||
|
|
||||
|
Technical information : |
||||
|
----------------------- |
||||
|
* Create two ir_config_parameter to enable / disable mail sending; |
||||
|
|
||||
|
Copyright, Author and Licence : |
||||
|
------------------------------- |
||||
|
* Copyright : 2014, Groupement Régional Alimentaire de Proximité; |
||||
|
* Author : Sylvain LE GAL (https://twitter.com/legalsylvain); |
||||
|
* Licence : AGPL-3 (http://www.gnu.org/licenses/) |
||||
|
""", |
||||
|
'author': 'GRAP', |
||||
|
'website': 'http://www.grap.coop', |
||||
|
'license': 'AGPL-3', |
||||
|
'depends': [ |
||||
|
'mail', |
||||
|
], |
||||
|
'data': [ |
||||
|
'data/ir_config_parameter.xml', |
||||
|
'view/res_config_view.xml', |
||||
|
], |
||||
|
'demo': [], |
||||
|
'js': [], |
||||
|
'css': [], |
||||
|
'qweb': [], |
||||
|
'images': [], |
||||
|
'post_load': '', |
||||
|
'application': False, |
||||
|
'installable': True, |
||||
|
'auto_install': False, |
||||
|
} |
@ -0,0 +1,34 @@ |
|||||
|
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
<!-- ********************************************************************** --> |
||||
|
<!--Admin Passkey module for OpenERP --> |
||||
|
<!--Copyright (C) 2013-2014 GRAP (http://www.grap.coop) --> |
||||
|
<!--@author Sylvain LE GAL (https://twitter.com/legalsylvain) --> |
||||
|
|
||||
|
<!--This program is free software: you can redistribute it and/or modify --> |
||||
|
<!--it under the terms of the GNU Affero General Public License as --> |
||||
|
<!--published by the Free Software Foundation, either version 3 of the --> |
||||
|
<!--License, or (at your option) any later version. --> |
||||
|
|
||||
|
<!--This program is distributed in the hope that it will be useful, --> |
||||
|
<!--but WITHOUT ANY WARRANTY; without even the implied warranty of --> |
||||
|
<!--MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --> |
||||
|
<!--GNU Affero General Public License for more details. --> |
||||
|
|
||||
|
<!--You should have received a copy of the GNU Affero General Public License--> |
||||
|
<!--along with this program. If not, see <http://www.gnu.org/licenses/>. --> |
||||
|
<!-- ********************************************************************** --> |
||||
|
<openerp> |
||||
|
<data noupdate="1"> |
||||
|
|
||||
|
<record id="send_to_admin" model="ir.config_parameter"> |
||||
|
<field name="key">auth_admin_passkey.send_to_admin</field> |
||||
|
<field name="value">True</field> |
||||
|
</record> |
||||
|
|
||||
|
<record id="send_to_user" model="ir.config_parameter"> |
||||
|
<field name="key">auth_admin_passkey.send_to_user</field> |
||||
|
<field name="value">True</field> |
||||
|
</record> |
||||
|
|
||||
|
</data> |
||||
|
</openerp> |
@ -0,0 +1,101 @@ |
|||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
# Translation of OpenERP Server. |
||||
|
# This file contains the translation of the following modules: |
||||
|
# * auth_admin_passkey |
||||
|
# |
||||
|
msgid "" |
||||
|
msgstr "" |
||||
|
"Project-Id-Version: OpenERP Server 7.0\n" |
||||
|
"Report-Msgid-Bugs-To: \n" |
||||
|
"POT-Creation-Date: 2014-03-23 20:41+0000\n" |
||||
|
"PO-Revision-Date: 2014-03-23 20:41+0000\n" |
||||
|
"Last-Translator: <>\n" |
||||
|
"Language-Team: \n" |
||||
|
"MIME-Version: 1.0\n" |
||||
|
"Content-Type: text/plain; charset=UTF-8\n" |
||||
|
"Content-Transfer-Encoding: \n" |
||||
|
"Plural-Forms: \n" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:66 |
||||
|
#, python-format |
||||
|
msgid "<pre>User with login '%s' has the same password as you.</pre>" |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:44 |
||||
|
#, python-format |
||||
|
msgid "Admin user used his passkey to login with '%s'.\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"Technicals informations belows : \n" |
||||
|
"\n" |
||||
|
"- Login date : %s\n" |
||||
|
"\n" |
||||
|
"" |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: view:base.config.settings:0 |
||||
|
msgid "Passkey" |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:42 |
||||
|
#, python-format |
||||
|
msgid "Passkey used" |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: field:base.config.settings,auth_admin_passkey_send_to_admin:0 |
||||
|
msgid "Send email to admin user." |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: field:base.config.settings,auth_admin_passkey_send_to_user:0 |
||||
|
msgid "Send email to user." |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:_description:0 |
||||
|
#: model:ir.model,name:auth_admin_passkey.model_res_users |
||||
|
#, python-format |
||||
|
msgid "Users" |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: help:base.config.settings,auth_admin_passkey_send_to_user:0 |
||||
|
msgid "When the administrator use his password to login in with a different account, OpenERP will send an email to the account user." |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: help:base.config.settings,auth_admin_passkey_send_to_admin:0 |
||||
|
msgid "When the administrator use his password to login in with a different account, OpenERP will send an email to the admin user." |
||||
|
msgstr "" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:64 |
||||
|
#, python-format |
||||
|
msgid "[WARNING] OpenERP Security Risk" |
||||
|
msgstr "" |
||||
|
|
@ -0,0 +1,108 @@ |
|||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
# Translation of OpenERP Server. |
||||
|
# This file contains the translation of the following modules: |
||||
|
# * auth_admin_passkey |
||||
|
# |
||||
|
msgid "" |
||||
|
msgstr "" |
||||
|
"Project-Id-Version: OpenERP Server 7.0\n" |
||||
|
"Report-Msgid-Bugs-To: \n" |
||||
|
"POT-Creation-Date: 2014-03-23 20:38+0000\n" |
||||
|
"PO-Revision-Date: 2014-03-23 20:38+0000\n" |
||||
|
"Last-Translator: <>\n" |
||||
|
"Language-Team: \n" |
||||
|
"MIME-Version: 1.0\n" |
||||
|
"Content-Type: text/plain; charset=UTF-8\n" |
||||
|
"Content-Transfer-Encoding: \n" |
||||
|
"Plural-Forms: \n" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:66 |
||||
|
#, python-format |
||||
|
msgid "<pre>User with login '%s' has the same password as you.</pre>" |
||||
|
msgstr "<pre>L'utilisateur dont l'identifiant est '%s' a le même mot de passe que vous.</pre>" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:44 |
||||
|
#, python-format |
||||
|
msgid "Admin user used his passkey to login with '%s'.\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"Technicals informations belows : \n" |
||||
|
"\n" |
||||
|
"- Login date : %s\n" |
||||
|
"\n" |
||||
|
"" |
||||
|
msgstr "L'administrateur a utilisé son mot de passe \"bris de glace\" pour s'identifier avec l'identifiant '%s'.\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"\n" |
||||
|
"Informations techniques ci-dessous : \n" |
||||
|
"\n" |
||||
|
"- Date d'authentification : %s\n" |
||||
|
"\n" |
||||
|
"" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: view:base.config.settings:0 |
||||
|
msgid "Passkey" |
||||
|
msgstr "Mot de passe \"bris de glace\"" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:42 |
||||
|
#, python-format |
||||
|
msgid "Passkey used" |
||||
|
msgstr "Mot de passe \"bris de glace\" utilisé" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: field:base.config.settings,auth_admin_passkey_send_to_admin:0 |
||||
|
msgid "Send email to admin user." |
||||
|
msgstr "Envoyer un email à l'administrateur." |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: field:base.config.settings,auth_admin_passkey_send_to_user:0 |
||||
|
msgid "Send email to user." |
||||
|
msgstr "Envoyer un email à l'utilisateur." |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:_description:0 |
||||
|
#: model:ir.model,name:auth_admin_passkey.model_res_users |
||||
|
#, python-format |
||||
|
msgid "Users" |
||||
|
msgstr "Utilisateurs" |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: help:base.config.settings,auth_admin_passkey_send_to_user:0 |
||||
|
msgid "When the administrator use his password to login in with a different account, OpenERP will send an email to the account user." |
||||
|
msgstr "Quand l'administrateur utilise son mot de passe pour s'authentifier avec un compte différent, OpenERP lui enverra un mail." |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: help:base.config.settings,auth_admin_passkey_send_to_admin:0 |
||||
|
msgid "When the administrator use his password to login in with a different account, OpenERP will send an email to the admin user." |
||||
|
msgstr "Quand l'administrateur utilise son mot de passe pour s'authentifier avec un compte différent, OpenERP enverra un mail à l'utilisateur." |
||||
|
|
||||
|
#. module: auth_admin_passkey |
||||
|
#: code:addons/auth_admin_passkey/model/res_users.py:64 |
||||
|
#, python-format |
||||
|
msgid "[WARNING] OpenERP Security Risk" |
||||
|
msgstr "[WARNING] Faille de sécurité sur OpenERP" |
@ -0,0 +1,24 @@ |
|||||
|
# -*- encoding: utf-8 -*- |
||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
|
||||
|
from . import res_config |
||||
|
from . import res_users |
@ -0,0 +1,76 @@ |
|||||
|
# -*- encoding: utf-8 -*- |
||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
|
||||
|
from openerp.osv import fields |
||||
|
from openerp.osv.orm import TransientModel |
||||
|
from openerp.tools.safe_eval import safe_eval |
||||
|
|
||||
|
|
||||
|
class base_config_settings(TransientModel): |
||||
|
_inherit = 'base.config.settings' |
||||
|
|
||||
|
# Getter / Setter Section |
||||
|
def get_default_auth_admin_passkey_send_to_admin( |
||||
|
self, cr, uid, ids, context=None): |
||||
|
icp = self.pool['ir.config_parameter'] |
||||
|
return { |
||||
|
'auth_admin_passkey_send_to_admin': safe_eval(icp.get_param( |
||||
|
cr, uid, 'auth_admin_passkey.send_to_admin', 'True')), |
||||
|
} |
||||
|
|
||||
|
def set_auth_admin_passkey_send_to_admin(self, cr, uid, ids, context=None): |
||||
|
config = self.browse(cr, uid, ids[0], context=context) |
||||
|
icp = self.pool['ir.config_parameter'] |
||||
|
icp.set_param( |
||||
|
cr, uid, 'auth_admin_passkey.send_to_admin', |
||||
|
repr(config.auth_admin_passkey_send_to_admin)) |
||||
|
|
||||
|
def get_default_auth_admin_passkey_send_to_user( |
||||
|
self, cr, uid, ids, context=None): |
||||
|
icp = self.pool['ir.config_parameter'] |
||||
|
return { |
||||
|
'auth_admin_passkey_send_to_user': safe_eval(icp.get_param( |
||||
|
cr, uid, 'auth_admin_passkey.send_to_user', 'True')), |
||||
|
} |
||||
|
|
||||
|
def set_auth_admin_passkey_send_to_user(self, cr, uid, ids, context=None): |
||||
|
config = self.browse(cr, uid, ids[0], context=context) |
||||
|
icp = self.pool['ir.config_parameter'] |
||||
|
icp.set_param( |
||||
|
cr, uid, 'auth_admin_passkey.send_to_user', |
||||
|
repr(config.auth_admin_passkey_send_to_user)) |
||||
|
|
||||
|
# Columns Section |
||||
|
_columns = { |
||||
|
'auth_admin_passkey_send_to_admin': fields.boolean( |
||||
|
'Send email to admin user.', |
||||
|
help="""When the administrator use his password to login in """ |
||||
|
"""with a different account, OpenERP will send an email """ |
||||
|
"""to the admin user.""", |
||||
|
), |
||||
|
'auth_admin_passkey_send_to_user': fields.boolean( |
||||
|
string='Send email to user.', |
||||
|
help="""When the administrator use his password to login in """ |
||||
|
"""with a different account, OpenERP will send an email """ |
||||
|
"""to the account user.""", |
||||
|
), |
||||
|
} |
@ -0,0 +1,137 @@ |
|||||
|
# -*- encoding: utf-8 -*- |
||||
|
############################################################################## |
||||
|
# |
||||
|
# Admin Passkey module for OpenERP |
||||
|
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
||||
|
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
||||
|
# |
||||
|
# This program is free software: you can redistribute it and/or modify |
||||
|
# it under the terms of the GNU Affero General Public License as |
||||
|
# published by the Free Software Foundation, either version 3 of the |
||||
|
# License, or (at your option) any later version. |
||||
|
# |
||||
|
# This program is distributed in the hope that it will be useful, |
||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
# GNU Affero General Public License for more details. |
||||
|
# |
||||
|
# You should have received a copy of the GNU Affero General Public License |
||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
||||
|
# |
||||
|
############################################################################## |
||||
|
|
||||
|
import datetime |
||||
|
|
||||
|
from openerp import SUPERUSER_ID |
||||
|
from openerp import pooler |
||||
|
from openerp import exceptions |
||||
|
from openerp.osv.orm import Model |
||||
|
from openerp.tools.translate import _ |
||||
|
from openerp.tools.safe_eval import safe_eval |
||||
|
|
||||
|
|
||||
|
class res_users(Model): |
||||
|
_inherit = "res.users" |
||||
|
|
||||
|
# Private Function section |
||||
|
def _get_translation(self, cr, lang, text): |
||||
|
context = {'lang': lang} |
||||
|
return _(text) |
||||
|
|
||||
|
def _send_email_passkey(self, cr, user_id, user_agent_env): |
||||
|
""" Send a email to the admin of the system and / or the user |
||||
|
to inform passkey use.""" |
||||
|
mails = [] |
||||
|
mail_obj = self.pool['mail.mail'] |
||||
|
icp_obj = self.pool['ir.config_parameter'] |
||||
|
admin_user = self.browse(cr, SUPERUSER_ID, SUPERUSER_ID) |
||||
|
login_user = self.browse(cr, SUPERUSER_ID, user_id) |
||||
|
send_to_admin = safe_eval(icp_obj.get_param( |
||||
|
cr, SUPERUSER_ID, 'auth_admin_passkey.send_to_admin', 'True')) |
||||
|
send_to_user = safe_eval(icp_obj.get_param( |
||||
|
cr, SUPERUSER_ID, 'auth_admin_passkey.send_to_user', 'True')) |
||||
|
|
||||
|
if send_to_admin and admin_user.email: |
||||
|
mails.append({'email': admin_user.email, 'lang': admin_user.lang}) |
||||
|
if send_to_user and login_user.email: |
||||
|
mails.append({'email': login_user.email, 'lang': login_user.lang}) |
||||
|
|
||||
|
for mail in mails: |
||||
|
subject = self._get_translation( |
||||
|
cr, mail['lang'], _('Passkey used')) |
||||
|
body = self._get_translation( |
||||
|
cr, mail['lang'], |
||||
|
_("""Admin user used his passkey to login with '%s'.\n\n""" |
||||
|
"""\n\nTechnicals informations belows : \n\n""" |
||||
|
"""- Login date : %s\n\n""")) % ( |
||||
|
login_user.login, |
||||
|
datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")) |
||||
|
for k, v in user_agent_env.iteritems(): |
||||
|
body += ("- %s : %s\n\n") % (k, v) |
||||
|
mail_obj.create( |
||||
|
cr, SUPERUSER_ID, { |
||||
|
'email_to': mail['email'], |
||||
|
'subject': subject, |
||||
|
'body_html': '<pre>%s</pre>' % body}) |
||||
|
|
||||
|
def _send_email_same_password(self, cr, login_user): |
||||
|
""" Send a email to the admin user to inform that another user has the |
||||
|
same password as him.""" |
||||
|
mail_obj = self.pool['mail.mail'] |
||||
|
admin_user = self.browse(cr, SUPERUSER_ID, SUPERUSER_ID) |
||||
|
if admin_user.email: |
||||
|
mail_obj.create(cr, SUPERUSER_ID, { |
||||
|
'email_to': admin_user.email, |
||||
|
'subject': self._get_translation( |
||||
|
cr, admin_user.lang, _('[WARNING] OpenERP Security Risk')), |
||||
|
'body_html': self._get_translation( |
||||
|
cr, admin_user.lang, _( |
||||
|
"""<pre>User with login '%s' has the same """ |
||||
|
"""password as you.</pre>""")) % (login_user), |
||||
|
}) |
||||
|
|
||||
|
# Overload Section |
||||
|
def authenticate(self, db, login, password, user_agent_env): |
||||
|
""" Authenticate the user 'login' is password is ok or if |
||||
|
is admin password. In the second case, send mail to user and admin.""" |
||||
|
user_id = super(res_users, self).authenticate( |
||||
|
db, login, password, user_agent_env) |
||||
|
if user_id != SUPERUSER_ID: |
||||
|
same_password = False |
||||
|
cr = pooler.get_db(db).cursor() |
||||
|
try: |
||||
|
# directly use parent 'check_credentials' function |
||||
|
# to really know if credentials are ok |
||||
|
# or if it was admin password |
||||
|
super(res_users, self).check_credentials( |
||||
|
cr, SUPERUSER_ID, password) |
||||
|
try: |
||||
|
# Test now if the user has the same password as admin user |
||||
|
super(res_users, self).check_credentials( |
||||
|
cr, user_id, password) |
||||
|
same_password = True |
||||
|
except exceptions.AccessDenied: |
||||
|
pass |
||||
|
if not same_password: |
||||
|
self._send_email_passkey(cr, user_id, user_agent_env) |
||||
|
else: |
||||
|
self._send_email_same_password(cr, login) |
||||
|
cr.commit() |
||||
|
except exceptions.AccessDenied: |
||||
|
pass |
||||
|
finally: |
||||
|
cr.close() |
||||
|
return user_id |
||||
|
|
||||
|
def check_credentials(self, cr, uid, password): |
||||
|
""" Return now True if credentials are good OR if password is admin |
||||
|
password.""" |
||||
|
if uid != SUPERUSER_ID: |
||||
|
try: |
||||
|
super(res_users, self).check_credentials( |
||||
|
cr, uid, password) |
||||
|
return True |
||||
|
except exceptions.AccessDenied: |
||||
|
return self.check_credentials(cr, SUPERUSER_ID, password) |
||||
|
else: |
||||
|
return super(res_users, self).check_credentials(cr, uid, password) |
After Width: 128 | Height: 128 | Size: 4.0 KiB |
@ -0,0 +1,47 @@ |
|||||
|
<?xml version="1.0" encoding="UTF-8"?> |
||||
|
<!-- ********************************************************************** --> |
||||
|
<!--Admin Passkey module for OpenERP --> |
||||
|
<!--Copyright (C) 2013-2014 GRAP (http://www.grap.coop) --> |
||||
|
<!--@author Sylvain LE GAL (https://twitter.com/legalsylvain) --> |
||||
|
|
||||
|
<!--This program is free software: you can redistribute it and/or modify --> |
||||
|
<!--it under the terms of the GNU Affero General Public License as --> |
||||
|
<!--published by the Free Software Foundation, either version 3 of the --> |
||||
|
<!--License, or (at your option) any later version. --> |
||||
|
|
||||
|
<!--This program is distributed in the hope that it will be useful, --> |
||||
|
<!--but WITHOUT ANY WARRANTY; without even the implied warranty of --> |
||||
|
<!--MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --> |
||||
|
<!--GNU Affero General Public License for more details. --> |
||||
|
|
||||
|
<!--You should have received a copy of the GNU Affero General Public License--> |
||||
|
<!--along with this program. If not, see <http://www.gnu.org/licenses/>. --> |
||||
|
<!-- ********************************************************************** --> |
||||
|
<openerp> |
||||
|
<data> |
||||
|
|
||||
|
<record id="view_res_config_settings" model="ir.ui.view"> |
||||
|
<field name="name">base.config.settings.view</field> |
||||
|
<field name="model">base.config.settings</field> |
||||
|
<field name="inherit_id" ref="base_setup.view_general_configuration"/> |
||||
|
<field name="arch" type="xml"> |
||||
|
<xpath expr="//label[@string='Email']/.." position='after'> |
||||
|
<group> |
||||
|
<label for="id" string="Passkey"/> |
||||
|
<div> |
||||
|
<div> |
||||
|
<field name="auth_admin_passkey_send_to_admin" class="oe_inline"/> |
||||
|
<label for="auth_admin_passkey_send_to_admin"/> |
||||
|
</div> |
||||
|
<div> |
||||
|
<field name="auth_admin_passkey_send_to_user" class="oe_inline"/> |
||||
|
<label for="auth_admin_passkey_send_to_user"/> |
||||
|
</div> |
||||
|
</div> |
||||
|
</group> |
||||
|
</xpath> |
||||
|
</field> |
||||
|
</record> |
||||
|
|
||||
|
</data> |
||||
|
</openerp> |
Write
Preview
Loading…
Cancel
Save
Reference in new issue