Browse Source
auth_admin_passkey: Migrate module for odoo 10
auth_admin_passkey: Migrate module for odoo 10
Remove authenticate as check_credentials is dedicated for this purpose. Removed mail translations maybe possible in some way ? Give some space to the code Make the addon compliant to OCA guidelines Adapt readme to new template and compress header in tests Make the addon a python package NOTE: authenticate() method cannot be used in tests because a new cr is created in _login method that does not contains our user. Signed-off-by: Eugen Don <eugen.don@don-systems.de>pull/776/head
Alexandre Papin
8 years ago
15 changed files with 444 additions and 326 deletions
-
98auth_admin_passkey/README.rst
-
4auth_admin_passkey/__manifest__.py
-
22auth_admin_passkey/data/ir_config_parameter.xml
-
48auth_admin_passkey/i18n/auth_admin_passkey.pot
-
27auth_admin_passkey/models/__init__.py
-
65auth_admin_passkey/models/res_config.py
-
141auth_admin_passkey/models/res_users.py
-
22auth_admin_passkey/tests/__init__.py
-
103auth_admin_passkey/tests/test_auth_admin_passkey.py
-
171auth_admin_passkey/tests/test_ui.py
-
26auth_admin_passkey/views/res_config_view.xml
-
1setup/auth_admin_passkey/odoo/__init__.py
-
1setup/auth_admin_passkey/odoo/addons/__init__.py
-
1setup/auth_admin_passkey/odoo/addons/auth_admin_passkey
-
6setup/auth_admin_passkey/setup.py
@ -1,18 +1,80 @@ |
|||
Admin password become a passkey for all active logins |
|||
===================================================== |
|||
|
|||
Functionality : |
|||
--------------- |
|||
* Administrator has now the possibility to login in with any login; |
|||
* By default, Odoo will send a mail to user and admin to indicate them; |
|||
* If a user and the admin have the same password, admin will be informed; |
|||
|
|||
Technical information : |
|||
----------------------- |
|||
* Create two ir_config_parameter to enable / disable mail sending; |
|||
|
|||
Copyright, Author and Licence : |
|||
------------------------------- |
|||
* Copyright : 2014, Groupement Régional Alimentaire de Proximité; |
|||
* Author : Sylvain LE GAL (https://twitter.com/legalsylvain); |
|||
* Licence : AGPL-3 (http://www.gnu.org/licenses/) |
|||
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg |
|||
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html |
|||
:alt: License: AGPL-3 |
|||
|
|||
==================== |
|||
Auth Admin - Passkey |
|||
==================== |
|||
|
|||
This module extends the functionality of users module to support loging in with the administrator password |
|||
in other user accounts. |
|||
|
|||
* Administrator has now the possibility to login in with any login; |
|||
* By default, Odoo will send a mail to user and admin to indicate them; |
|||
* If a user and the admin have the same password, admin will be informed; |
|||
|
|||
|
|||
Configuration |
|||
============= |
|||
|
|||
To enable notifications for login attempts, you need to: |
|||
|
|||
Go to Settings > General Settings. |
|||
|
|||
Enable the "Send email to admin user" and / or "Send email to user" checkbox |
|||
|
|||
|
|||
Usage |
|||
===== |
|||
|
|||
To login into a different user account type in the user name of the account and the password of the administrator at the login screen |
|||
|
|||
|
|||
.. image:: https://odoo-community.org/website/image/ir.attachment/5784_f2813bd/datas |
|||
:alt: Try me on Runbot |
|||
:target: https://runbot.odoo-community.org/runbot/149/10.0 |
|||
|
|||
|
|||
Known issues / Roadmap |
|||
====================== |
|||
|
|||
None |
|||
|
|||
Bug Tracker |
|||
=========== |
|||
|
|||
Bugs are tracked on `GitHub Issues |
|||
<https://github.com/OCA/server-tools/issues>`_. In case of trouble, please |
|||
check there if your issue has already been reported. If you spotted it first, |
|||
help us smash it by providing detailed and welcomed feedback. |
|||
|
|||
Credits |
|||
======= |
|||
|
|||
Images |
|||
------ |
|||
|
|||
* Odoo Community Association: `Icon <https://github.com/OCA/maintainer-tools/blob/master/template/module/static/description/icon.svg>`_. |
|||
|
|||
Contributors |
|||
------------ |
|||
|
|||
* Eugen Don <eugen.don@don-systems.de> |
|||
* Alexandre Papin (https://twitter.com/Fenkiou) |
|||
* Sylvain LE GAL (https://twitter.com/legalsylvain) |
|||
|
|||
|
|||
Maintainer |
|||
---------- |
|||
|
|||
.. image:: https://odoo-community.org/logo.png |
|||
:alt: Odoo Community Association |
|||
:target: https://odoo-community.org |
|||
|
|||
This module is maintained by the OCA. |
|||
|
|||
OCA, or the Odoo Community Association, is a nonprofit organization whose |
|||
mission is to support the collaborative development of Odoo features and |
|||
promote its widespread use. |
|||
|
|||
To contribute to this module, please visit https://odoo-community.org. |
@ -1,24 +1,9 @@ |
|||
# -*- encoding: utf-8 -*- |
|||
############################################################################## |
|||
# |
|||
# Admin Passkey module for Odoo |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
|||
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
|||
# |
|||
# This program is free software: you can redistribute it and/or modify |
|||
# it under the terms of the GNU Affero General Public License as |
|||
# published by the Free Software Foundation, either version 3 of the |
|||
# License, or (at your option) any later version. |
|||
# |
|||
# This program is distributed in the hope that it will be useful, |
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
# GNU Affero General Public License for more details. |
|||
# |
|||
# You should have received a copy of the GNU Affero General Public License |
|||
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|||
# |
|||
############################################################################## |
|||
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html |
|||
|
|||
from . import res_config |
|||
from . import res_users |
|||
from . import ( |
|||
res_config, |
|||
res_users, |
|||
) |
@ -1,23 +1,7 @@ |
|||
# -*- encoding: utf-8 -*- |
|||
############################################################################## |
|||
# |
|||
# Admin Passkey module for Odoo |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
|||
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
|||
# |
|||
# This program is free software: you can redistribute it and/or modify |
|||
# it under the terms of the GNU Affero General Public License as |
|||
# published by the Free Software Foundation, either version 3 of the |
|||
# License, or (at your option) any later version. |
|||
# |
|||
# This program is distributed in the hope that it will be useful, |
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
# GNU Affero General Public License for more details. |
|||
# |
|||
# You should have received a copy of the GNU Affero General Public License |
|||
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|||
# |
|||
############################################################################## |
|||
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html |
|||
|
|||
from . import test_auth_admin_passkey |
|||
from . import test_ui |
@ -0,0 +1,171 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop) |
|||
# @author Sylvain LE GAL (https://twitter.com/legalsylvain) |
|||
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html |
|||
|
|||
from lxml import html |
|||
|
|||
from werkzeug.test import Client |
|||
from werkzeug.wrappers import BaseResponse |
|||
|
|||
from odoo.tests import common |
|||
from odoo.service import wsgi_server |
|||
|
|||
|
|||
@common.post_install(True) |
|||
class TestUI(common.HttpCase): |
|||
|
|||
def setUp(self): |
|||
super(TestUI, self).setUp() |
|||
|
|||
with self.registry.cursor() as test_cursor: |
|||
env = self.env(test_cursor) |
|||
|
|||
self.admin_password = 'AdminPa$$w0rd' |
|||
env.ref('base.user_root').password = self.admin_password |
|||
self.passkey_password = 'PasskeyPa$$w0rd' |
|||
self.passkey_user = env['res.users'].create({ |
|||
'name': 'passkey', |
|||
'login': 'passkey', |
|||
'email': 'passkey', |
|||
'password': self.passkey_password |
|||
}) |
|||
self.dbname = env.cr.dbname |
|||
|
|||
self.werkzeug_environ = {'REMOTE_ADDR': '127.0.0.1'} |
|||
self.test_client = Client(wsgi_server.application, BaseResponse) |
|||
self.test_client.get('/web/session/logout') |
|||
|
|||
def html_doc(self, response): |
|||
"""Get an HTML LXML document.""" |
|||
return html.fromstring(response.data) |
|||
|
|||
def csrf_token(self, response): |
|||
"""Get a valid CSRF token.""" |
|||
doc = self.html_doc(response) |
|||
return doc.xpath("//input[@name='csrf_token']")[0].get('value') |
|||
|
|||
def get_request(self, url, data=None): |
|||
return self.test_client.get( |
|||
url, query_string=data, follow_redirects=True) |
|||
|
|||
def post_request(self, url, data=None): |
|||
return self.test_client.post( |
|||
url, data=data, follow_redirects=True, |
|||
environ_base=self.werkzeug_environ) |
|||
|
|||
def test_01_normal_login_admin_succeed(self): |
|||
# Our admin user wants to go to backoffice part of Odoo |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that his redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enters his credentials and submit the form |
|||
data = { |
|||
'login': 'admin', |
|||
'password': self.admin_password, |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He notices that his redirected to backoffice |
|||
self.assertNotIn('oe_login_form', response.data) |
|||
|
|||
def test_02_normal_login_admin_fail(self): |
|||
# Our admin user wants to go to backoffice part of Odoo |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that he's redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enter his credentials and submit the form |
|||
data = { |
|||
'login': 'admin', |
|||
'password': 'password', |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He mistyped his password so he's redirected to login page again |
|||
self.assertIn('Wrong login/password', response.data) |
|||
|
|||
def test_03_normal_login_passkey_succeed(self): |
|||
# Our passkey user wants to go to backoffice part of Odoo |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that he's redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enter his credentials and submit the form |
|||
data = { |
|||
'login': self.passkey_user.login, |
|||
'password': self.passkey_password, |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He notices that his redirected to backoffice |
|||
self.assertNotIn('oe_login_form', response.data) |
|||
|
|||
def test_04_normal_login_passkey_fail(self): |
|||
# Our passkey user wants to go to backoffice part of Odoo |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that he's redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enter his credentials and submit the form |
|||
data = { |
|||
'login': self.passkey_user.login, |
|||
'password': 'password', |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He mistyped his password so he's redirected to login page again |
|||
self.assertIn('Wrong login/password', response.data) |
|||
|
|||
def test_05_passkey_login_with_admin_password_succeed(self): |
|||
# Our admin user wants to login as passkey user |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that his redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enters its password with passkey user's login |
|||
data = { |
|||
'login': self.passkey_user.login, |
|||
'password': self.admin_password, |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He notices that his redirected to backoffice |
|||
self.assertNotIn('oe_login_form', response.data) |
|||
|
|||
def test_06_passkey_login_with_same_password_as_admin(self): |
|||
self.passkey_user.password = self.admin_password |
|||
|
|||
# Our passkey user wants to go to backoffice part of Odoo |
|||
response = self.get_request('/web/', data={'db': self.dbname}) |
|||
|
|||
# He notices that his redirected to login page as not authenticated |
|||
self.assertIn('oe_login_form', response.data) |
|||
|
|||
# He needs to enters his credentials and submit the form |
|||
data = { |
|||
'login': self.passkey_user.login, |
|||
'password': self.admin_password, |
|||
'csrf_token': self.csrf_token(response), |
|||
'db': self.dbname |
|||
} |
|||
response = self.post_request('/web/login/', data=data) |
|||
|
|||
# He notices that his redirected to backoffice |
|||
self.assertNotIn('oe_login_form', response.data) |
@ -0,0 +1 @@ |
|||
__import__('pkg_resources').declare_namespace(__name__) |
@ -0,0 +1 @@ |
|||
__import__('pkg_resources').declare_namespace(__name__) |
@ -0,0 +1 @@ |
|||
../../../../auth_admin_passkey |
@ -0,0 +1,6 @@ |
|||
import setuptools |
|||
|
|||
setuptools.setup( |
|||
setup_requires=['setuptools-odoo'], |
|||
odoo_addon=True, |
|||
) |
Write
Preview
Loading…
Cancel
Save
Reference in new issue