OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

[REF] Pep8.

pull/2/head
Sylvain LE GAL 11 years ago
parent
dbbef72026
commit
80a2e93c8d
3 changed files with 80 additions and 67 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      auth_admin_passkey/__openerp__.py
  2. 51
      auth_admin_passkey/model/res_config.py
  3. 90
      auth_admin_passkey/model/res_users.py

6
auth_admin_passkey/__openerp__.py
View File

@ -28,11 +28,11 @@
Admin password become a passkey for all active logins
=====================================================
Functionnality :
----------------
Functionality :
---------------
* Administrator has now the possibility to login in with any login;
* By default, OpenERP will send a mail to user and admin to indicate them;
* If a user has the same password as the admin, OpenERP will inform the admin;
* If a user and the admin has the same password, admin will be informed;
Technical information :
-----------------------

51
auth_admin_passkey/model/res_config.py
View File

@ -24,50 +24,53 @@ from openerp.osv import fields
from openerp.osv.orm import TransientModel
from openerp.tools.safe_eval import safe_eval
class base_config_settings(TransientModel):
_inherit = 'base.config.settings'
### Getter / Setter Section
def get_default_auth_admin_passkey_send_to_admin(self, cr, uid, ids,
context=None):
# Getter / Setter Section
def get_default_auth_admin_passkey_send_to_admin(
self, cr, uid, ids, context=None):
icp = self.pool['ir.config_parameter']
return {
'auth_admin_passkey_send_to_admin' : safe_eval(icp.get_param(cr,
uid, 'auth_admin_passkey.send_to_admin', 'True')),
'auth_admin_passkey_send_to_admin': safe_eval(icp.get_param(
cr, uid, 'auth_admin_passkey.send_to_admin', 'True')),
}
def set_auth_admin_passkey_send_to_admin(self, cr, uid, ids, context=None):
config = self.browse(cr, uid, ids[0], context=context)
icp = self.pool['ir.config_parameter']
icp.set_param(cr, uid, 'auth_admin_passkey.send_to_admin',
repr(config.auth_admin_passkey_send_to_admin))
icp.set_param(
cr, uid, 'auth_admin_passkey.send_to_admin',
repr(config.auth_admin_passkey_send_to_admin))
def get_default_auth_admin_passkey_send_to_user(self, cr, uid, ids,
context=None):
def get_default_auth_admin_passkey_send_to_user(
self, cr, uid, ids, context=None):
icp = self.pool['ir.config_parameter']
return {
'auth_admin_passkey_send_to_user' : safe_eval(icp.get_param(cr,
uid, 'auth_admin_passkey.send_to_user', 'True')),
'auth_admin_passkey_send_to_user': safe_eval(icp.get_param(
cr, uid, 'auth_admin_passkey.send_to_user', 'True')),
}
def set_auth_admin_passkey_send_to_user(self, cr, uid, ids, context=None):
config = self.browse(cr, uid, ids[0], context=context)
icp = self.pool['ir.config_parameter']
icp.set_param(cr, uid, 'auth_admin_passkey.send_to_user',
repr(config.auth_admin_passkey_send_to_user))
icp.set_param(
cr, uid, 'auth_admin_passkey.send_to_user',
repr(config.auth_admin_passkey_send_to_user))
### Columns Section
# Columns Section
_columns = {
'auth_admin_passkey_send_to_admin': fields.boolean(
'Send email to admin user.',
help="When the administrator use his password to login in "\
"with a different account, OpenERP will send an email "\
"to the admin user.",
),
'Send email to admin user.',
help="""When the administrator use his password to login in """
"""with a different account, OpenERP will send an email """
"""to the admin user.""",
),
'auth_admin_passkey_send_to_user': fields.boolean(
string='Send email to user.',
help="When the administrator use his password to login in "\
"with a different account, OpenERP will send an email "\
"to the account user.",
),
string='Send email to user.',
help="""When the administrator use his password to login in """
"""with a different account, OpenERP will send an email """
"""to the account user.""",
),
}

90
auth_admin_passkey/model/res_users.py
View File

@ -29,83 +29,92 @@ from openerp import exceptions
from openerp.osv.orm import Model
from openerp.tools.translate import _
class res_users(Model):
_inherit = "res.users"
### Private Function section
# Private Function section
def _get_translation(self, cr, lang, text):
context = {'lang': lang}
return _(text)
def _send_email_passkey(self, cr, user_id, user_agent_env):
""" Send a email to the admin of the system and / or the user
to inform passkey use """
""" Send a email to the admin of the system and / or the user
to inform passkey use."""
mails = []
mail_obj = self.pool['mail.mail']
icp_obj = self.pool['ir.config_parameter']
admin_user = self.browse(cr, SUPERUSER_ID, SUPERUSER_ID)
login_user = self.browse(cr, SUPERUSER_ID, user_id)
send_to_admin = literal_eval(icp_obj.get_param(cr, SUPERUSER_ID,
'auth_admin_passkey.send_to_admin', 'True'))
send_to_user = literal_eval(icp_obj.get_param(cr, SUPERUSER_ID,
'auth_admin_passkey.send_to_user', 'True'))
if send_to_admin and admin_user.email:
mails.append({'email': admin_user.email, 'lang': admin_user.lang,})
send_to_admin = literal_eval(icp_obj.get_param(
cr, SUPERUSER_ID, 'auth_admin_passkey.send_to_admin', 'True'))
send_to_user = literal_eval(icp_obj.get_param(
cr, SUPERUSER_ID, 'auth_admin_passkey.send_to_user', 'True'))
if send_to_admin and admin_user.email:
mails.append({'email': admin_user.email, 'lang': admin_user.lang})
if send_to_user and login_user.email:
mails.append({'email': login_user.email, 'lang': login_user.lang,})
mails.append({'email': login_user.email, 'lang': login_user.lang})
for mail in mails:
subject = self._get_translation(cr, mail['lang'], _('Passkey used'))
body = self._get_translation(cr, mail['lang'],
_("""Admin user used his passkey to login with '%s'.\n\n"""\
"""\n\nTechnicals informations belows : \n\n"""\
"""- Login date : %s\n\n""")) %(login_user.login,
datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"))
subject = self._get_translation(
cr, mail['lang'], _('Passkey used'))
body = self._get_translation(
cr, mail['lang'],
_("""Admin user used his passkey to login with '%s'.\n\n"""
"""\n\nTechnicals informations belows : \n\n"""
"""- Login date : %s\n\n""")) % (
login_user.login,
datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"))
for k, v in user_agent_env.iteritems():
body +=("- %s : %s\n\n") % (k, v)
mail_obj.create(cr, SUPERUSER_ID, {
body += ("- %s : %s\n\n") % (k, v)
mail_obj.create(
cr, SUPERUSER_ID, {
'email_to': mail['email'],
'subject': subject,
'body_html': '<pre>%s</pre>' % body})
def _send_email_same_password(self, cr, login_user):
""" Send a email to the admin user to inform that another user has the
same password as him"""
""" Send a email to the admin user to inform that another user has the
same password as him."""
mail_obj = self.pool['mail.mail']
admin_user = self.browse(cr, SUPERUSER_ID, SUPERUSER_ID)
if admin_user.email:
mail_obj.create(cr, SUPERUSER_ID, {
'email_to': admin_user.email,
'subject': self._get_translation(cr, admin_user.lang,
_('[WARNING] OpenERP Security Risk')),
'body_html': self._get_translation(cr, admin_user.lang,
_("""<pre>User with login '%s' has the same """\
"""password as you.</pre>""")) %(login_user),
'subject': self._get_translation(
cr, admin_user.lang, _('[WARNING] OpenERP Security Risk')),
'body_html': self._get_translation(
cr, admin_user.lang, _(
"""<pre>User with login '%s' has the same """
"""password as you.</pre>""")) % (login_user),
})
### Overload Section
# Overload Section
def authenticate(self, db, login, password, user_agent_env):
""" Authenticate the user 'login' is password is ok or if
is admin password. In the second case, send mail to user and admin."""
user_id = super(res_users, self).authenticate(db, login, password,\
user_agent_env)
""" Authenticate the user 'login' is password is ok or if
is admin password. In the second case, send mail to user and admin."""
user_id = super(res_users, self).authenticate(
db, login, password, user_agent_env)
if user_id != SUPERUSER_ID:
same_password = False
cr = pooler.get_db(db).cursor()
try:
# directly use parent 'check_credentials' function
# to really know if credentials are ok or if it was admin password
super(res_users, self).check_credentials(cr, SUPERUSER_ID, password)
# directly use parent 'check_credentials' function
# to really know if credentials are ok
# or if it was admin password
super(res_users, self).check_credentials(
cr, SUPERUSER_ID, password)
try:
# Test now if the user has the same password as admin user
super(res_users, self).check_credentials(cr, user_id, password)
super(res_users, self).check_credentials(
cr, user_id, password)
same_password = True
except exceptions.AccessDenied:
pass
if not same_password:
self._send_email_passkey(cr, user_id, user_agent_env)
else:
else:
self._send_email_same_password(cr, login)
cr.commit()
except exceptions.AccessDenied:
@ -116,12 +125,13 @@ class res_users(Model):
def check_credentials(self, cr, uid, password):
""" Return now True if credentials are good OR if password is admin
password"""
password."""
if uid != SUPERUSER_ID:
try:
self.check_credentials(cr, SUPERUSER_ID, password)
return True
except exceptions.AccessDenied:
return super(res_users, self).check_credentials(cr, uid, password)
return super(res_users, self).check_credentials(
cr, uid, password)
else:
return super(res_users, self).check_credentials(cr, uid, password)
Write Preview
Loading…
Cancel
Save