You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

83 lines
3.1 KiB

# -*- encoding: utf-8 -*-
##############################################################################
#
# Tracks Authentication Attempts and Prevents Brute-force Attacks module
# Copyright (C) 2015-Today GRAP (http://www.grap.coop)
# @author Sylvain LE GAL (https://twitter.com/legalsylvain)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
import urllib
import json
from openerp import models, fields, api
from openerp.tools.translate import _
class ResBannedRemote(models.Model):
_name = 'res.banned.remote'
_GEOLOCALISATION_URL = "http://ip-api.com/json/{}"
# Default Section
def _default_ban_date(self):
return fields.Datetime.now()
# Column Section
name = fields.Char(
string='Name', compute='_compute_remote_description',
store=True, multi='remote_description', required=True)
description = fields.Text(
string='Description', compute='_compute_remote_description',
store=True, multi='remote_description')
ban_date = fields.Datetime(
string='Ban Date', required=True, default=_default_ban_date)
remote = fields.Char(string='Remote ID', required=True)
active = fields.Boolean(
string='Active', help="Uncheck this box to unban the remote",
default=True)
attempt_ids = fields.Many2many(
comodel_name='res.authentication.attempt', string='Attempts',
compute='_compute_attempt_ids')
# Compute Section
@api.multi
@api.depends('remote')
def _compute_remote_description(self):
for item in self:
url = self._GEOLOCALISATION_URL.format(item.remote)
res = json.loads(urllib.urlopen(url).read())
item.description = ''
for k, v in res.iteritems():
item.description += '%s : %s\n' % (k, v)
if res.get('status', False) == 'success':
item.name = _("%s %s - %s %s (ISP: %s)" % (
res.get('country', ''), res.get('regionName', ''),
res.get('zip', ''), res.get('city'),
res.get('isp', '')))
else:
item.name = _('Unidentified Call from %s' % (item.remote))
@api.multi
def _compute_attempt_ids(self):
for item in self:
attempt_obj = self.env['res.authentication.attempt']
item.attempt_ids = attempt_obj.search_last_failed(item.remote).ids