From 48be23c647b54423f26841721562b0932549a1a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Pigeon?= Date: Mon, 9 Mar 2015 11:10:01 +0100 Subject: [PATCH] Add a new module to logout inactive session after a configured delay --- inactive_session_timeout/README.rst | 35 +++++++++++ inactive_session_timeout/__init__.py | 2 + inactive_session_timeout/__openerp__.py | 44 +++++++++++++ .../data/ir_config_parameter_data.xml | 17 +++++ inactive_session_timeout/models/__init__.py | 3 + .../models/ir_config_parameter.py | 56 +++++++++++++++++ inactive_session_timeout/models/res_users.py | 62 +++++++++++++++++++ 7 files changed, 219 insertions(+) create mode 100644 inactive_session_timeout/README.rst create mode 100644 inactive_session_timeout/__init__.py create mode 100644 inactive_session_timeout/__openerp__.py create mode 100644 inactive_session_timeout/data/ir_config_parameter_data.xml create mode 100644 inactive_session_timeout/models/__init__.py create mode 100644 inactive_session_timeout/models/ir_config_parameter.py create mode 100644 inactive_session_timeout/models/res_users.py diff --git a/inactive_session_timeout/README.rst b/inactive_session_timeout/README.rst new file mode 100644 index 000000000..734fec3ec --- /dev/null +++ b/inactive_session_timeout/README.rst @@ -0,0 +1,35 @@ +Inactive Sessions Timeout +========================= + +This module was written to be able to kill(logout) all inactive sessions since +a given delay. On each request the server checks if the session is yet valid +regarding the expiration delay. If not a clean logout is operated. + +Configuration +============= + +Two system parameters are available: + +* inactive_session_time_out_delay: validity of a session in seconds (default = 2 Hours) +* inactive_session_time_out_ignored_url: technical urls where the check does not occur + +Credits +======= + +Contributors +------------ + +* Cédric Pigeon + +Maintainer +---------- + +.. image:: http://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: http://odoo-community.org + +This module is maintained by the OCA. + +OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use. + +To contribute to this module, please visit http://odoo-community.org. diff --git a/inactive_session_timeout/__init__.py b/inactive_session_timeout/__init__.py new file mode 100644 index 000000000..a0fdc10fe --- /dev/null +++ b/inactive_session_timeout/__init__.py @@ -0,0 +1,2 @@ +# -*- coding: utf-8 -*- +from . import models diff --git a/inactive_session_timeout/__openerp__.py b/inactive_session_timeout/__openerp__.py new file mode 100644 index 000000000..1143d1cd9 --- /dev/null +++ b/inactive_session_timeout/__openerp__.py @@ -0,0 +1,44 @@ +# -*- coding: utf-8 -*- +############################################################################## + +# This file is part of inactive_session_timeout, an Odoo module. +# +# Copyright (c) 2015 ACSONE SA/NV () +# +# inactive_session_timeout is free software: you can redistribute it +# and/or modify it under the terms of the GNU Affero General Public License +# as published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# inactive_session_timeout is distributed in the hope that it will +# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the +# GNU Affero General Public License +# along with inactive_session_timeout. +# If not, see . +# +############################################################################## +{ + 'name': "Inactive Sessions Timeout", + + 'summary': """ + This module disable all inactive sessions since a given delay""", + + 'author': "ACSONE SA/NV", + 'website': "http://acsone.eu", + + 'category': 'Tools', + 'version': '1.0', + 'license': 'AGPL-3', + + 'depends': [ + 'base', + ], + + 'data': [ + 'data/ir_config_parameter_data.xml' + ] +} diff --git a/inactive_session_timeout/data/ir_config_parameter_data.xml b/inactive_session_timeout/data/ir_config_parameter_data.xml new file mode 100644 index 000000000..e87e983c8 --- /dev/null +++ b/inactive_session_timeout/data/ir_config_parameter_data.xml @@ -0,0 +1,17 @@ + + + + + + inactive_session_time_out_delay + 7200 + + + + + + inactive_session_time_out_ignored_url + /calendar/notify,/longpolling/poll + + + diff --git a/inactive_session_timeout/models/__init__.py b/inactive_session_timeout/models/__init__.py new file mode 100644 index 000000000..9893cc6a7 --- /dev/null +++ b/inactive_session_timeout/models/__init__.py @@ -0,0 +1,3 @@ +# -*- coding: utf-8 -*- +from . import res_users +from . import ir_config_parameter diff --git a/inactive_session_timeout/models/ir_config_parameter.py b/inactive_session_timeout/models/ir_config_parameter.py new file mode 100644 index 000000000..b8a97ac77 --- /dev/null +++ b/inactive_session_timeout/models/ir_config_parameter.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +############################################################################## + +# This file is part of inactive_session_timeout, an Odoo module. +# +# Copyright (c) 2015 ACSONE SA/NV () +# +# inactive_session_timeout is free software: you can redistribute it +# and/or modify it under the terms of the GNU Affero General Public License +# as published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# inactive_session_timeout is distributed in the hope that it will +# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the +# GNU Affero General Public License +# along with inactive_session_timeout. +# If not, see . +# +############################################################################## +from openerp import models, api + +from openerp import tools +from openerp import SUPERUSER_ID + +DELAY_KEY = 'inactive_session_time_out_delay' +IGNORED_PATH_KEY = 'inactive_session_time_out_ignored_url' + + +class ir_config_parameter(models.Model): + _inherit = 'ir.config_parameter' + + @tools.ormcache(skiparg=0) + def get_session_parameters(self, db): + param_model = self.pool['ir.config_parameter'] + cr = self.pool.cursor() + delay = False + urls = [] + try: + delay = int(param_model.get_param( + cr, SUPERUSER_ID, DELAY_KEY, 7200)) + urls = param_model.get_param( + cr, SUPERUSER_ID, IGNORED_PATH_KEY, '').split(',') + finally: + cr.close() + return delay, urls + + @api.multi + def write(self, vals, context=None): + res = super(ir_config_parameter, self).write(vals) + if self.key in [DELAY_KEY, IGNORED_PATH_KEY]: + self.get_session_parameters.clear_cache(self) + return res diff --git a/inactive_session_timeout/models/res_users.py b/inactive_session_timeout/models/res_users.py new file mode 100644 index 000000000..d645f72cb --- /dev/null +++ b/inactive_session_timeout/models/res_users.py @@ -0,0 +1,62 @@ +# -*- coding: utf-8 -*- +############################################################################## + +# This file is part of inactive_session_timeout, an Odoo module. +# +# Copyright (c) 2015 ACSONE SA/NV () +# +# inactive_session_timeout is free software: you can redistribute it +# and/or modify it under the terms of the GNU Affero General Public License +# as published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# inactive_session_timeout is distributed in the hope that it will +# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the +# GNU Affero General Public License +# along with inactive_session_timeout. +# If not, see . +# +############################################################################## +from openerp import models +from openerp import http + +from openerp.http import root +from openerp.http import request + +from os import utime +from os.path import getmtime +from time import time + + +class res_users(models.Model): + _inherit = 'res.users' + + def _check_session_validity(self, db, uid, passwd): + if not request: + return + session = request.session + session_store = root.session_store + param_obj = self.pool['ir.config_parameter'] + delay, urls = param_obj.get_session_parameters(db) + deadline = time() - delay + path = session_store.get_session_filename(session.sid) + try: + if getmtime(path) < deadline: + if session.db and session.uid: + session.logout(keep_db=True) + elif http.request.httprequest.path not in urls: + # the session is not expired, update the last modification + # and access time. + utime(path, None) + except OSError: + pass + return + + def check(self, db, uid, passwd): + res = super(res_users, self).check(db, uid, passwd) + self._check_session_validity(db, uid, passwd) + return res