-
-
Notifications
You must be signed in to change notification settings - Fork 423
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[14.0] add auth_res_users_apikeys_server_env
- Loading branch information
Showing
17 changed files
with
754 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
===================================== | ||
Auth Users API key server environment | ||
===================================== | ||
|
||
.. | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
!! This file is generated by oca-gen-addon-readme !! | ||
!! changes will be overwritten. !! | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
!! source digest: sha256:2c7e031d4a765b77b1cd162f11ba209e35cdc152033b1c6d11899e3b70398113 | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png | ||
:target: https://odoo-community.org/page/development-status | ||
:alt: Beta | ||
.. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png | ||
:target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html | ||
:alt: License: LGPL-3 | ||
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github | ||
:target: https://github.com/OCA/server-auth/tree/14.0/auth_res_users_apikeys_server_env | ||
:alt: OCA/server-auth | ||
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png | ||
:target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_res_users_apikeys_server_env | ||
:alt: Translate me on Weblate | ||
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png | ||
:target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=14.0 | ||
:alt: Try me on Runboat | ||
|
||
|badge1| |badge2| |badge3| |badge4| |badge5| | ||
|
||
Configure API keys (`res.users.apikeys`) per environment. | ||
|
||
This can be very useful when other applications communicate with odoo | ||
over jsonrpc to avoid mixing your keys between various | ||
environments ie: when restoring Odoo production databases to staging/tests/dev environments. | ||
|
||
This module let change the scope of your API keys in user form view. This module expect scope | ||
set to `rpc_<env>` where `<env>` is the `running_env` used by `server_environment` module. | ||
|
||
**Table of contents** | ||
|
||
.. contents:: | ||
:local: | ||
|
||
Configuration | ||
============= | ||
|
||
|
||
* got to the user preference form | ||
* add new keys for each env on production databases | ||
* set scope of each key regarding target environment with template: `rpc_<env>` | ||
where `<env>` is the `running_env` used by `server_environment` module. | ||
|
||
only api key matching this env would works. | ||
|
||
.. note:: | ||
|
||
If you keep scope as empty string you would get default behavior and match any env | ||
.. warning:: | ||
|
||
Unfortunately as key are already encrypted and key field not expose to the ORM | ||
on base module we can't configure key in config files as it would be with | ||
server_environment and server_environment_data_encryption | ||
|
||
Bug Tracker | ||
=========== | ||
|
||
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_. | ||
In case of trouble, please check there if your issue has already been reported. | ||
If you spotted it first, help us to smash it by providing a detailed and welcomed | ||
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_res_users_apikeys_server_env%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. | ||
|
||
Do not contact contributors directly about support or help with technical issues. | ||
|
||
Credits | ||
======= | ||
|
||
Authors | ||
~~~~~~~ | ||
|
||
* Camptocamp | ||
|
||
Contributors | ||
~~~~~~~~~~~~ | ||
|
||
* Pierre Verkest <pierrevekrest84@gmail.com> | ||
|
||
Maintainers | ||
~~~~~~~~~~~ | ||
|
||
This module is maintained by the OCA. | ||
|
||
.. image:: https://odoo-community.org/logo.png | ||
:alt: Odoo Community Association | ||
:target: https://odoo-community.org | ||
|
||
OCA, or the Odoo Community Association, is a nonprofit organization whose | ||
mission is to support the collaborative development of Odoo features and | ||
promote its widespread use. | ||
|
||
This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/auth_res_users_apikeys_server_env>`_ project on GitHub. | ||
|
||
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
from . import models |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# Copyright 2021 Camptocamp SA | ||
# @author: Simone Orsi <simone.orsi@camptocamp.com> | ||
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl). | ||
|
||
{ | ||
"name": "Auth Users API key server environment", | ||
"summary": """ | ||
Configure user api keys (`res.users.apikeys`) via server env. | ||
""", | ||
"version": "14.0.1.1.0", | ||
"license": "LGPL-3", | ||
"website": "https://github.com/OCA/server-auth", | ||
"author": "Camptocamp,Odoo Community Association (OCA)", | ||
"depends": ["base", "server_environment"], | ||
"data": [ | ||
"security/ir.model.access.csv", | ||
"views/res_users_apikeys.xml", | ||
], | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
from . import res_users_apikeys | ||
from . import res_users |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Copyright 2018 ACSONE SA/NV | ||
# Copyright 2021 Camptocamp SA | ||
# @author: Simone Orsi <simone.orsi@camptocamp.com> | ||
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl). | ||
|
||
|
||
from odoo import models | ||
from odoo.exceptions import AccessDenied | ||
from odoo.tools.config import config | ||
|
||
|
||
class ResUsers(models.Model): | ||
|
||
_inherit = "res.users" | ||
|
||
def _check_credentials(self, password, user_agent_env): | ||
try: | ||
return super()._check_credentials(password, user_agent_env) | ||
except AccessDenied: | ||
pass | ||
if ( | ||
self.env["res.users.apikeys"]._check_credentials( | ||
scope=f'rpc_{config.get("running_env", "test")}', key=password | ||
) | ||
== self.env.uid | ||
): | ||
return self.env.uid | ||
|
||
raise AccessDenied() |
12 changes: 12 additions & 0 deletions
12
auth_res_users_apikeys_server_env/models/res_users_apikeys.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
# Copyright 2023 Foodles | ||
# @author: Pierre Verkest <pierreverkest84@gmail.com> | ||
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl). | ||
|
||
|
||
from odoo import fields, models | ||
|
||
|
||
class ResUsersAPIKeys(models.Model): | ||
_inherit = "res.users.apikeys" | ||
|
||
scope = fields.Char(readonly=False) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
|
||
* got to the user preference form | ||
* add new keys for each env on production databases | ||
* set scope of each key regarding target environment with template: `rpc_<env>` | ||
where `<env>` is the `running_env` used by `server_environment` module. | ||
|
||
only api key matching this env would works. | ||
|
||
.. note:: | ||
|
||
If you keep scope as empty string you would get default behavior and match any env | ||
.. warning:: | ||
|
||
Unfortunately as key are already encrypted and key field not expose to the ORM | ||
on base module we can't configure key in config files as it would be with | ||
server_environment and server_environment_data_encryption |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
* Pierre Verkest <pierrevekrest84@gmail.com> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Configure API keys (`res.users.apikeys`) per environment. | ||
|
||
This can be very useful when other applications communicate with odoo | ||
over jsonrpc to avoid mixing your keys between various | ||
environments ie: when restoring Odoo production databases to staging/tests/dev environments. | ||
|
||
This module let change the scope of your API keys in user form view. This module expect scope | ||
set to `rpc_<env>` where `<env>` is the `running_env` used by `server_environment` module. |
2 changes: 2 additions & 0 deletions
2
auth_res_users_apikeys_server_env/security/ir.model.access.csv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink" | ||
"access_res_users_apikeys_admin","API user key managed by admin",model_res_users_apikeys,base.group_system,1,1,1,1 |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.