1- # -*- encoding: utf-8 -*-
2- ##############################################################################
3- #
4- # Admin Passkey module for OpenERP
5- # Copyright (C) 2013-2014 GRAP (http://www.grap.coop)
6- # @author Sylvain LE GAL (https://twitter.com/legalsylvain)
7- #
8- # This program is free software: you can redistribute it and/or modify
9- # it under the terms of the GNU Affero General Public License as
10- # published by the Free Software Foundation, either version 3 of the
11- # License, or (at your option) any later version.
12- #
13- # This program is distributed in the hope that it will be useful,
14- # but WITHOUT ANY WARRANTY; without even the implied warranty of
15- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16- # GNU Affero General Public License for more details.
17- #
18- # You should have received a copy of the GNU Affero General Public License
19- # along with this program. If not, see <http://www.gnu.org/licenses/>.
20- #
21- ##############################################################################
1+ # -*- coding: utf-8 -*-
2+ # Copyright (C) 2013-2014 GRAP (http://www.grap.coop)
3+ # @author Sylvain LE GAL (https://twitter.com/legalsylvain)
4+ # License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
225
236import datetime
247
258from openerp import SUPERUSER_ID
26- from openerp import pooler
9+ from openerp import registry
2710from openerp import exceptions
28- from openerp . osv . orm import Model
11+ from openerp import models , api
2912from openerp .tools .translate import _
3013from openerp .tools .safe_eval import safe_eval
3114
3215
33- class res_users ( Model ):
16+ class ResUsers ( models . Model ):
3417 _inherit = "res.users"
3518
36- # Private Function section
37- def _get_translation (self , cr , lang , text ):
19+ def _get_translation (self , lang , text ):
3820 context = {'lang' : lang } # noqa: _() checks page for locals
3921 return _ (text )
4022
41- def _send_email_passkey (self , cr , user_id , user_agent_env ):
23+ @api .model
24+ def _send_email_passkey (self , user_agent_env ):
4225 """ Send a email to the admin of the system and / or the user
4326 to inform passkey use."""
4427 mails = []
45- mail_obj = self .pool ['mail.mail' ]
46- icp_obj = self .pool ['ir.config_parameter' ]
47- admin_user = self .browse (cr , SUPERUSER_ID , SUPERUSER_ID )
48- login_user = self .browse (cr , SUPERUSER_ID , user_id )
49- send_to_admin = safe_eval (icp_obj .get_param (
50- cr , SUPERUSER_ID , 'auth_admin_passkey.send_to_admin' , 'True' ))
51- send_to_user = safe_eval (icp_obj .get_param (
52- cr , SUPERUSER_ID , 'auth_admin_passkey.send_to_user' , 'True' ))
28+ mail_obj = self .env ['mail.mail' ]
29+ icp_obj = self .env ['ir.config_parameter' ]
30+ admin_user = self .sudo ().browse (SUPERUSER_ID )
31+ login_user = self .sudo ().browse (self .env .uid )
32+ send_to_admin = safe_eval (icp_obj .sudo ().get_param (
33+ 'auth_admin_passkey.send_to_admin' ,
34+ 'True' ))
35+ send_to_user = safe_eval (icp_obj .sudo ().get_param (
36+ 'auth_admin_passkey.send_to_user' ,
37+ 'True' ))
5338
5439 if send_to_admin and admin_user .email :
5540 mails .append ({'email' : admin_user .email , 'lang' : admin_user .lang })
@@ -58,34 +43,34 @@ def _send_email_passkey(self, cr, user_id, user_agent_env):
5843
5944 for mail in mails :
6045 subject = self ._get_translation (
61- cr , mail ['lang' ], _ ('Passkey used' ))
46+ mail ['lang' ], _ ('Passkey used' ))
6247 body = self ._get_translation (
63- cr , mail ['lang' ],
48+ mail ['lang' ],
6449 _ ("""Admin user used his passkey to login with '%s'.\n \n """
6550 """\n \n Technicals informations belows : \n \n """
6651 """- Login date : %s\n \n """ )) % (
6752 login_user .login ,
6853 datetime .datetime .now ().strftime ("%Y-%m-%d %H:%M:%S" ))
6954 for k , v in user_agent_env .iteritems ():
7055 body += ("- %s : %s\n \n " ) % (k , v )
71- mail_obj .create (
72- cr , SUPERUSER_ID , {
56+ mail_obj .sudo ().create ({
7357 'email_to' : mail ['email' ],
7458 'subject' : subject ,
7559 'body_html' : '<pre>%s</pre>' % body })
7660
77- def _send_email_same_password (self , cr , login_user ):
61+ @api .cr
62+ def _send_email_same_password (self , login_user ):
7863 """ Send a email to the admin user to inform that another user has the
7964 same password as him."""
80- mail_obj = self .pool ['mail.mail' ]
81- admin_user = self .browse (cr , SUPERUSER_ID , SUPERUSER_ID )
65+ mail_obj = self .env ['mail.mail' ]
66+ admin_user = self .sudo (). browse (SUPERUSER_ID )
8267 if admin_user .email :
83- mail_obj .create (cr , SUPERUSER_ID , {
68+ mail_obj .sudo (). create ({
8469 'email_to' : admin_user .email ,
8570 'subject' : self ._get_translation (
86- cr , admin_user .lang , _ ('[WARNING] OpenERP Security Risk' )),
71+ admin_user .lang , _ ('[WARNING] OpenERP Security Risk' )),
8772 'body_html' : self ._get_translation (
88- cr , admin_user .lang , _ (
73+ admin_user .lang , _ (
8974 """<pre>User with login '%s' has the same """
9075 """password as you.</pre>""" )) % (login_user ),
9176 })
@@ -94,20 +79,20 @@ def _send_email_same_password(self, cr, login_user):
9479 def authenticate (self , db , login , password , user_agent_env ):
9580 """ Authenticate the user 'login' is password is ok or if
9681 is admin password. In the second case, send mail to user and admin."""
97- user_id = super (res_users , self ).authenticate (
82+ user_id = super (ResUsers , self ).authenticate (
9883 db , login , password , user_agent_env )
9984 if user_id and (user_id != SUPERUSER_ID ):
10085 same_password = False
101- cr = pooler . get_db (db ).cursor ()
86+ cr = registry (db ).cursor ()
10287 try :
10388 # directly use parent 'check_credentials' function
10489 # to really know if credentials are ok
10590 # or if it was admin password
106- super (res_users , self ).check_credentials (
91+ super (ResUsers , self ).check_credentials (
10792 cr , SUPERUSER_ID , password )
10893 try :
10994 # Test now if the user has the same password as admin user
110- super (res_users , self ).check_credentials (
95+ super (ResUsers , self ).check_credentials (
11196 cr , user_id , password )
11297 same_password = True
11398 except exceptions .AccessDenied :
@@ -116,22 +101,24 @@ def authenticate(self, db, login, password, user_agent_env):
116101 self ._send_email_passkey (cr , user_id , user_agent_env )
117102 else :
118103 self ._send_email_same_password (cr , login )
119- cr .commit ()
104+ # we need to commit as we need to create the mails
105+ # and we are not in a method with standard cursor management
106+ cr .commit () # pylint: disable=invalid-commit
120107 except exceptions .AccessDenied :
121108 pass
122109 finally :
123110 cr .close ()
124111 return user_id
125112
126- def check_credentials (self , cr , uid , password ):
113+ @api .model
114+ def check_credentials (self , password ):
127115 """ Return now True if credentials are good OR if password is admin
128116password."""
129- if uid != SUPERUSER_ID :
117+ if self . env . uid != SUPERUSER_ID :
130118 try :
131- super (res_users , self ).check_credentials (
132- cr , uid , password )
119+ super (ResUsers , self ).check_credentials (password )
133120 return True
134121 except exceptions .AccessDenied :
135- return self .check_credentials (cr , SUPERUSER_ID , password )
122+ return self .sudo (). check_credentials (password )
136123 else :
137- return super (res_users , self ).check_credentials (cr , uid , password )
124+ return super (ResUsers , self ).check_credentials (password )
0 commit comments