Skip to content

Commit

Permalink
[14.0] add auth_res_users_apikeys_server_env
Browse files Browse the repository at this point in the history
  • Loading branch information
petrus-v committed Sep 11, 2024
1 parent 814e389 commit 69f5d64
Show file tree
Hide file tree
Showing 17 changed files with 754 additions and 0 deletions.
103 changes: 103 additions & 0 deletions auth_res_users_apikeys_server_env/README.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
=====================================
Auth Users API key server environment
=====================================

..
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:2c7e031d4a765b77b1cd162f11ba209e35cdc152033b1c6d11899e3b70398113
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
:target: https://odoo-community.org/page/development-status
:alt: Beta
.. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png
:target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
:alt: License: LGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
:target: https://github.com/OCA/server-auth/tree/14.0/auth_res_users_apikeys_server_env
:alt: OCA/server-auth
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_res_users_apikeys_server_env
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
:target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=14.0
:alt: Try me on Runboat

|badge1| |badge2| |badge3| |badge4| |badge5|

Configure API keys (`res.users.apikeys`) per environment.

This can be very useful when other applications communicate with odoo
over jsonrpc to avoid mixing your keys between various
environments ie: when restoring Odoo production databases to staging/tests/dev environments.

This module let change the scope of your API keys in user form view. This module expect scope
set to `rpc_<env>` where `<env>` is the `running_env` used by `server_environment` module.

**Table of contents**

.. contents::
:local:

Configuration
=============


* got to the user preference form
* add new keys for each env on production databases
* set scope of each key regarding target environment with template: `rpc_<env>`
where `<env>` is the `running_env` used by `server_environment` module.

only api key matching this env would works.

.. note::

If you keep scope as empty string you would get default behavior and match any env
.. warning::

Unfortunately as key are already encrypted and key field not expose to the ORM
on base module we can't configure key in config files as it would be with
server_environment and server_environment_data_encryption

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_res_users_apikeys_server_env%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~

* Camptocamp

Contributors
~~~~~~~~~~~~

* Pierre Verkest <pierrevekrest84@gmail.com>

Maintainers
~~~~~~~~~~~

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/auth_res_users_apikeys_server_env>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
1 change: 1 addition & 0 deletions auth_res_users_apikeys_server_env/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from . import models
19 changes: 19 additions & 0 deletions auth_res_users_apikeys_server_env/__manifest__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# Copyright 2021 Camptocamp SA
# @author: Simone Orsi <simone.orsi@camptocamp.com>
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).

{
"name": "Auth Users API key server environment",
"summary": """
Configure user api keys (`res.users.apikeys`) via server env.
""",
"version": "14.0.1.1.0",
"license": "LGPL-3",
"website": "https://github.com/OCA/server-auth",
"author": "Camptocamp,Odoo Community Association (OCA)",
"depends": ["base", "server_environment"],
"data": [
"security/ir.model.access.csv",
"views/res_users_apikeys.xml",
],
}
2 changes: 2 additions & 0 deletions auth_res_users_apikeys_server_env/models/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
from . import res_users_apikeys
from . import res_users
29 changes: 29 additions & 0 deletions auth_res_users_apikeys_server_env/models/res_users.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Copyright 2018 ACSONE SA/NV
# Copyright 2021 Camptocamp SA
# @author: Simone Orsi <simone.orsi@camptocamp.com>
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).


from odoo import models
from odoo.exceptions import AccessDenied
from odoo.tools.config import config


class ResUsers(models.Model):

_inherit = "res.users"

def _check_credentials(self, password, user_agent_env):
try:
return super()._check_credentials(password, user_agent_env)
except AccessDenied:
pass
if (
self.env["res.users.apikeys"]._check_credentials(
scope=f'rpc_{config.get("running_env", "test")}', key=password
)
== self.env.uid
):
return self.env.uid

raise AccessDenied()
12 changes: 12 additions & 0 deletions auth_res_users_apikeys_server_env/models/res_users_apikeys.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Copyright 2023 Foodles
# @author: Pierre Verkest <pierreverkest84@gmail.com>
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).


from odoo import fields, models


class ResUsersAPIKeys(models.Model):
_inherit = "res.users.apikeys"

scope = fields.Char(readonly=False)
16 changes: 16 additions & 0 deletions auth_res_users_apikeys_server_env/readme/CONFIGURE.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@

* got to the user preference form
* add new keys for each env on production databases
* set scope of each key regarding target environment with template: `rpc_<env>`
where `<env>` is the `running_env` used by `server_environment` module.

only api key matching this env would works.

.. note::

If you keep scope as empty string you would get default behavior and match any env
.. warning::

Unfortunately as key are already encrypted and key field not expose to the ORM
on base module we can't configure key in config files as it would be with
server_environment and server_environment_data_encryption
1 change: 1 addition & 0 deletions auth_res_users_apikeys_server_env/readme/CONTRIBUTORS.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
* Pierre Verkest <pierrevekrest84@gmail.com>
8 changes: 8 additions & 0 deletions auth_res_users_apikeys_server_env/readme/DESCRIPTION.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
Configure API keys (`res.users.apikeys`) per environment.

This can be very useful when other applications communicate with odoo
over jsonrpc to avoid mixing your keys between various
environments ie: when restoring Odoo production databases to staging/tests/dev environments.

This module let change the scope of your API keys in user form view. This module expect scope
set to `rpc_<env>` where `<env>` is the `running_env` used by `server_environment` module.
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
"access_res_users_apikeys_admin","API user key managed by admin",model_res_users_apikeys,base.group_system,1,1,1,1
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading

0 comments on commit 69f5d64

Please sign in to comment.