Browse Source

port auth_from_http_remote_user to 8.0

pull/34/head
Laurent Mignon 11 years ago
parent
commit
c893a706b8
  1. 1
      auth_from_http_remote_user/__openerp__.py
  2. 2
      auth_from_http_remote_user/controllers/__init__.py
  3. 41
      auth_from_http_remote_user/controllers/main.py
  4. 36
      auth_from_http_remote_user/static/src/js/auth_from_http_remote_user.js
  5. 7
      auth_from_http_remote_user/tests/test_res_users.py

1
auth_from_http_remote_user/__openerp__.py

@ -119,7 +119,6 @@ for a login and password outside OpenErp and are automatically logged in the sys
'website': 'http://www.acsone.eu',
'depends': ['web'],
"license": "AGPL-3",
"js": ['static/src/js/auth_from_http_remote_user.js'],
'data': [
'res_config_view.xml',
'res_config_data.xml'],

2
auth_from_http_remote_user/controllers/__init__.py

@ -19,4 +19,4 @@
#
##############################################################################
from . import session
from . import main

41
auth_from_http_remote_user/controllers/session.py → auth_from_http_remote_user/controllers/main.py

@ -21,9 +21,10 @@
from openerp import SUPERUSER_ID
from openerp.addons.web import http
import openerp
from openerp import http
from openerp.http import request
from openerp.addons.web.controllers import main
from openerp.modules.registry import RegistryManager
from .. import utils
import random
@ -33,20 +34,17 @@ import openerp.tools.config as config
_logger = logging.getLogger(__name__)
class Session(main.Session):
_cp_path = "/web/session"
class Home(main.Home):
_REQUIRED_ATTRIBUTES = ['HTTP_REMOTE_USER']
_OPTIONAL_ATTRIBUTES = []
def _get_db(self, db):
if db is not None and len(db) > 0:
return db
db = config['db_name']
if db is None or len(db) == 0:
_logger.error("No db found for SSO. Specify one in the URL using parameter "
"db=? or provide a default one in the configuration")
raise http.AuthenticationError()
@http.route('/web', type='http', auth="none")
def web_client(self, s_action=None, **kw):
main.ensure_db()
if not request.session.uid:
self._bind_http_remote_user(http.request.session.db)
return super(Home, self).web_client(s_action, **kw)
def _get_user_id_from_attributes(self, res_users, cr, attrs):
login = attrs.get('HTTP_REMOTE_USER', None)
@ -56,12 +54,12 @@ class Session(main.Session):
return user_ids[0]
return None
def _get_attributes_form_header(self, req):
def _get_attributes_form_header(self):
attrs = {}
all_attrs = self._REQUIRED_ATTRIBUTES + self._OPTIONAL_ATTRIBUTES
headers = req.httprequest.headers.environ
headers = http.request.httprequest.headers.environ
for attr in all_attrs:
value = headers.get(attr, None)
@ -78,10 +76,9 @@ class Session(main.Session):
_logger.error("Required fields '%s' not found in http headers\n %s", missings, headers)
return attrs
def _bind_http_remote_user(self, req, db_name):
db_name = self._get_db(db_name)
def _bind_http_remote_user(self, db_name):
try:
registry = RegistryManager.get(db_name)
registry = openerp.registry(db_name)
with registry.cursor() as cr:
modules = registry.get('ir.module.module')
installed = modules.search_count(cr, SUPERUSER_ID, ['&',
@ -95,7 +92,7 @@ class Session(main.Session):
# get the user
res_users = registry.get('res.users')
attrs = self._get_attributes_form_header(req)
attrs = self._get_attributes_form_header()
user_id = self._get_user_id_from_attributes(res_users, cr, attrs)
if user_id is None:
@ -107,19 +104,13 @@ class Session(main.Session):
key = randomString(utils.KEY_LENGTH, '0123456789abcdef')
res_users.write(cr, SUPERUSER_ID, [user_id], {'sso_key': key})
login = res_users.browse(cr, SUPERUSER_ID, user_id).login
req.session.bind(db_name, user_id, login, key)
request.session.authenticate(db_name, login=login, password=key, uid=user_id)
except http.AuthenticationError, e:
raise e
except Exception, e:
_logger.error("Error binding Http Remote User session", exc_info=True)
raise e
@http.jsonrequest
def get_http_remote_user_session_info(self, req, db):
if not req.session._login:
self._bind_http_remote_user(req, db)
return self.session_info(req)
randrange = random.SystemRandom().randrange

36
auth_from_http_remote_user/static/src/js/auth_from_http_remote_user.js

@ -1,36 +0,0 @@
openerp.auth_from_http_remote_user = function(instance) {
instance.web.Session.include({
session_load_response : function(response) {
//unregister the event since it must be called only if the rpc call
//is made by session_reload
this.off('response', this.session_load_response);
if (response.error && response.error.data.type === "session_invalid") {
$("body").html("<h1>Access Denied</h1>");
}
console.log("session_load_response called");
},
session_reload : function() {
var self = this;
// we need to register an handler for 'response' since
// by default, the rpc doesn't call callback function
// if the response is of error type 'session_invalid'
this.on('response', this, this.session_load_response);
return this.rpc("/web/session/get_http_remote_user_session_info", {
db : $.deparam.querystring().db
}).done(function(result) {
// If immediately follows a login (triggered by trying to
// restore
// an invalid session or no session at all), refresh session
// data
// (should not change, but just in case...)
_.extend(self, result);
}).fail(function(result){
$("body").html("<h1>Server error</h1>");
});
}
});
};

7
auth_from_http_remote_user/tests/test_res_users.py

@ -45,10 +45,11 @@ class test_res_users(common.TransactionCase):
def test_login(self):
res_users_obj = self.registry('res.users')
uid = res = res_users_obj.login(common.DB, 'admin', 'admin')
res = res_users_obj.authenticate(common.DB, 'admin', 'admin', None)
uid = res
self.assertTrue(res, "Basic login must works as expected")
token = "123456"
res = res_users_obj.login(common.DB, 'admin', token)
res = res_users_obj.authenticate(common.DB, 'admin', token, None)
self.assertFalse(res)
# mimic what the new controller do when it find a value in
# the http header (HTTP_REMODE_USER)
@ -61,7 +62,7 @@ class test_res_users(common.TransactionCase):
res_users_obj.check(common.DB, uid, token)
# we are able to login with the new token
res = res_users_obj.login(common.DB, 'admin', token)
res = res_users_obj.authenticate(common.DB, 'admin', token, None)
self.assertTrue(res)
@unittest.skipIf(os.environ.get('TRAVIS'),

Loading…
Cancel
Save