Browse Source
Merge pull request #133 from acsone/inactive_sessions_timeout-cpi
Merge pull request #133 from acsone/inactive_sessions_timeout-cpi
Add a new module to logout inactive session after a configured delaypull/226/head
Nhomar Hernández [Vauxoo]
9 years ago
7 changed files with 228 additions and 0 deletions
-
46inactive_session_timeout/README.rst
-
2inactive_session_timeout/__init__.py
-
44inactive_session_timeout/__openerp__.py
-
17inactive_session_timeout/data/ir_config_parameter_data.xml
-
3inactive_session_timeout/models/__init__.py
-
54inactive_session_timeout/models/ir_config_parameter.py
-
62inactive_session_timeout/models/res_users.py
@ -0,0 +1,46 @@ |
|||
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg |
|||
:alt: License: AGPL-3 |
|||
|
|||
Inactive Sessions Timeout |
|||
========================= |
|||
|
|||
This module was written to be able to kill(logout) all inactive sessions since |
|||
a given delay. On each request the server checks if the session is yet valid |
|||
regarding the expiration delay. If not a clean logout is operated. |
|||
|
|||
Configuration |
|||
============= |
|||
|
|||
Two system parameters are available: |
|||
|
|||
* inactive_session_time_out_delay: validity of a session in seconds (default = 2 Hours) |
|||
* inactive_session_time_out_ignored_url: technical urls where the check does not occur |
|||
|
|||
Bug Tracker |
|||
=========== |
|||
|
|||
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_. |
|||
In case of trouble, please check there if your issue has already been reported. |
|||
If you spotted it first, help us smashing it by providing a detailed and welcomed feedback |
|||
`here <https://github.com/OCA/server-tools/issues/new?body=module:%20inactive_session_timeout%0Aversion:%208.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. |
|||
|
|||
Credits |
|||
======= |
|||
|
|||
Contributors |
|||
------------ |
|||
|
|||
* Cédric Pigeon <cedric.pigeon@acsone.eu> |
|||
|
|||
Maintainer |
|||
---------- |
|||
|
|||
.. image:: http://odoo-community.org/logo.png |
|||
:alt: Odoo Community Association |
|||
:target: http://odoo-community.org |
|||
|
|||
This module is maintained by the OCA. |
|||
|
|||
OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use. |
|||
|
|||
To contribute to this module, please visit http://odoo-community.org. |
@ -0,0 +1,2 @@ |
|||
# -*- coding: utf-8 -*- |
|||
from . import models |
@ -0,0 +1,44 @@ |
|||
# -*- coding: utf-8 -*- |
|||
############################################################################## |
|||
|
|||
# This file is part of inactive_session_timeout, an Odoo module. |
|||
# |
|||
# Copyright (c) 2015 ACSONE SA/NV (<http://acsone.eu>) |
|||
# |
|||
# inactive_session_timeout is free software: you can redistribute it |
|||
# and/or modify it under the terms of the GNU Affero General Public License |
|||
# as published by the Free Software Foundation, either version 3 of |
|||
# the License, or (at your option) any later version. |
|||
# |
|||
# inactive_session_timeout is distributed in the hope that it will |
|||
# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
# GNU Affero General Public License for more details. |
|||
# |
|||
# You should have received a copy of the |
|||
# GNU Affero General Public License |
|||
# along with inactive_session_timeout. |
|||
# If not, see <http://www.gnu.org/licenses/>. |
|||
# |
|||
############################################################################## |
|||
{ |
|||
'name': "Inactive Sessions Timeout", |
|||
|
|||
'summary': """ |
|||
This module disable all inactive sessions since a given delay""", |
|||
|
|||
'author': "ACSONE SA/NV", "Odoo Community Association (OCA)" |
|||
'website': "http://acsone.eu", |
|||
|
|||
'category': 'Tools', |
|||
'version': '1.0', |
|||
'license': 'AGPL-3', |
|||
|
|||
'depends': [ |
|||
'base', |
|||
], |
|||
|
|||
'data': [ |
|||
'data/ir_config_parameter_data.xml' |
|||
] |
|||
} |
@ -0,0 +1,17 @@ |
|||
<?xml version='1.0' encoding='UTF-8' ?> |
|||
<openerp> |
|||
|
|||
<data noupdate="1"> |
|||
<record id="inactive_session_time_out_delay" model="ir.config_parameter"> |
|||
<field name="key">inactive_session_time_out_delay</field> |
|||
<field name="value">7200</field> |
|||
</record> |
|||
</data> |
|||
|
|||
<data noupdate="1"> |
|||
<record id="inactive_session_time_out_ignored_url" model="ir.config_parameter"> |
|||
<field name="key">inactive_session_time_out_ignored_url</field> |
|||
<field name="value">/calendar/notify,/longpolling/poll</field> |
|||
</record> |
|||
</data> |
|||
</openerp> |
@ -0,0 +1,3 @@ |
|||
# -*- coding: utf-8 -*- |
|||
from . import res_users |
|||
from . import ir_config_parameter |
@ -0,0 +1,54 @@ |
|||
# -*- coding: utf-8 -*- |
|||
############################################################################## |
|||
|
|||
# This file is part of inactive_session_timeout, an Odoo module. |
|||
# |
|||
# Copyright (c) 2015 ACSONE SA/NV (<http://acsone.eu>) |
|||
# |
|||
# inactive_session_timeout is free software: you can redistribute it |
|||
# and/or modify it under the terms of the GNU Affero General Public License |
|||
# as published by the Free Software Foundation, either version 3 of |
|||
# the License, or (at your option) any later version. |
|||
# |
|||
# inactive_session_timeout is distributed in the hope that it will |
|||
# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
# GNU Affero General Public License for more details. |
|||
# |
|||
# You should have received a copy of the |
|||
# GNU Affero General Public License |
|||
# along with inactive_session_timeout. |
|||
# If not, see <http://www.gnu.org/licenses/>. |
|||
# |
|||
############################################################################## |
|||
from openerp import models, api, tools, SUPERUSER_ID |
|||
|
|||
|
|||
DELAY_KEY = 'inactive_session_time_out_delay' |
|||
IGNORED_PATH_KEY = 'inactive_session_time_out_ignored_url' |
|||
|
|||
|
|||
class IrConfigParameter(models.Model): |
|||
_inherit = 'ir.config_parameter' |
|||
|
|||
@tools.ormcache(skiparg=0) |
|||
def get_session_parameters(self, db): |
|||
param_model = self.pool['ir.config_parameter'] |
|||
cr = self.pool.cursor() |
|||
delay = False |
|||
urls = [] |
|||
try: |
|||
delay = int(param_model.get_param( |
|||
cr, SUPERUSER_ID, DELAY_KEY, 7200)) |
|||
urls = param_model.get_param( |
|||
cr, SUPERUSER_ID, IGNORED_PATH_KEY, '').split(',') |
|||
finally: |
|||
cr.close() |
|||
return delay, urls |
|||
|
|||
@api.multi |
|||
def write(self, vals, context=None): |
|||
res = super(IrConfigParameter, self).write(vals) |
|||
if self.key in [DELAY_KEY, IGNORED_PATH_KEY]: |
|||
self.get_session_parameters.clear_cache(self) |
|||
return res |
@ -0,0 +1,62 @@ |
|||
# -*- coding: utf-8 -*- |
|||
############################################################################## |
|||
|
|||
# This file is part of inactive_session_timeout, an Odoo module. |
|||
# |
|||
# Copyright (c) 2015 ACSONE SA/NV (<http://acsone.eu>) |
|||
# |
|||
# inactive_session_timeout is free software: you can redistribute it |
|||
# and/or modify it under the terms of the GNU Affero General Public License |
|||
# as published by the Free Software Foundation, either version 3 of |
|||
# the License, or (at your option) any later version. |
|||
# |
|||
# inactive_session_timeout is distributed in the hope that it will |
|||
# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
# GNU Affero General Public License for more details. |
|||
# |
|||
# You should have received a copy of the |
|||
# GNU Affero General Public License |
|||
# along with inactive_session_timeout. |
|||
# If not, see <http://www.gnu.org/licenses/>. |
|||
# |
|||
############################################################################## |
|||
from openerp import models |
|||
from openerp import http |
|||
|
|||
from openerp.http import root |
|||
from openerp.http import request |
|||
|
|||
from os import utime |
|||
from os.path import getmtime |
|||
from time import time |
|||
|
|||
|
|||
class ResUsers(models.Model): |
|||
_inherit = 'res.users' |
|||
|
|||
def _check_session_validity(self, db, uid, passwd): |
|||
if not request: |
|||
return |
|||
session = request.session |
|||
session_store = root.session_store |
|||
param_obj = self.pool['ir.config_parameter'] |
|||
delay, urls = param_obj.get_session_parameters(db) |
|||
deadline = time() - delay |
|||
path = session_store.get_session_filename(session.sid) |
|||
try: |
|||
if getmtime(path) < deadline: |
|||
if session.db and session.uid: |
|||
session.logout(keep_db=True) |
|||
elif http.request.httprequest.path not in urls: |
|||
# the session is not expired, update the last modification |
|||
# and access time. |
|||
utime(path, None) |
|||
except OSError: |
|||
pass |
|||
return |
|||
|
|||
def check(self, db, uid, passwd): |
|||
res = super(ResUsers, self).check(db, uid, passwd) |
|||
self._check_session_validity(db, uid, passwd) |
|||
return res |
Write
Preview
Loading…
Cancel
Save
Reference in new issue