Browse Source

Merge pull request #1383 from acsone/9.0-ref_server_environment_secret_keys_tbi

[9.0] [REF] Server Environment: secret keys
pull/1434/head
Yannick Vaucher 6 years ago
committed by GitHub
parent
commit
e94bfd93f1
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 1
      .gitignore
  2. 3
      server_environment/README.rst
  3. 1
      server_environment/__openerp__.py
  4. 10
      server_environment/security/res_groups.xml
  5. 20
      server_environment/serv_config.py

1
.gitignore

@ -21,6 +21,7 @@ var/
*.egg-info/ *.egg-info/
.installed.cfg .installed.cfg
*.egg *.egg
*.eggs
# Installer logs # Installer logs
pip-log.txt pip-log.txt

3
server_environment/README.rst

@ -15,7 +15,8 @@ module.
All the settings will be read only and visible under the Configuration All the settings will be read only and visible under the Configuration
menu. If you are not in the 'dev' environment you will not be able to menu. If you are not in the 'dev' environment you will not be able to
see the values contained in keys named '*passw*'.
see the values contained in the defined secret keys
(by default : '*passw*', '*key*', '*secret*' and '*token*').
Installation Installation
============ ============

1
server_environment/__openerp__.py

@ -29,6 +29,7 @@
"license": "GPL-3 or any later version", "license": "GPL-3 or any later version",
"category": "Tools", "category": "Tools",
"data": [ "data": [
'security/res_groups.xml',
'serv_config.xml', 'serv_config.xml',
], ],
'installable': True, 'installable': True,

10
server_environment/security/res_groups.xml

@ -0,0 +1,10 @@
<?xml version="1.0"?>
<odoo>
<record model="res.groups" id="has_server_configuration_access">
<field name="name">View Server Environment Configuration</field>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
</odoo>

20
server_environment/serv_config.py

@ -25,7 +25,7 @@ import ConfigParser
from lxml import etree from lxml import etree
from itertools import chain from itertools import chain
from openerp import models, fields
from openerp import api, models, fields
from openerp.tools.config import config as system_base_config from openerp.tools.config import config as system_base_config
from .system_info import get_server_environment from .system_info import get_server_environment
@ -246,10 +246,26 @@ class ServerConfiguration(models.TransientModel):
res['fields'] = xfields res['fields'] = xfields
return res return res
@api.model
def _is_secret(self, key):
"""
This method is intended to be inherited to defined which keywords
should be secret.
:return: list of secret keywords
"""
secret_keys = ['passw', 'key', 'secret', 'token']
return any(secret_key in key for secret_key in secret_keys)
def default_get(self, cr, uid, fields_list, context=None): def default_get(self, cr, uid, fields_list, context=None):
res = {} res = {}
current_user = self.pool['res.users'].browse(
cr, uid, uid, context=context)
if not current_user.has_group(
'server_environment.has_server_configuration_access'):
return res
for key in self._conf_defaults: for key in self._conf_defaults:
if 'passw' in key and not self.show_passwords:
if not self.show_passwords and self._is_secret(
cr, uid, context=context, key=key):
res[key] = '**********' res[key] = '**********'
else: else:
res[key] = self._conf_defaults[key]() res[key] = self._conf_defaults[key]()

Loading…
Cancel
Save