2012-09-25 10:40:13 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
##############################################################################
|
|
|
|
#
|
|
|
|
# OpenERP, Open Source Management Solution
|
|
|
|
# Copyright (C) 2012-today OpenERP SA (<http://www.openerp.com>)
|
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU Affero General Public License as
|
|
|
|
# published by the Free Software Foundation, either version 3 of the
|
|
|
|
# License, or (at your option) any later version
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU Affero General Public License for more details
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
|
|
#
|
|
|
|
##############################################################################
|
2012-10-10 20:46:17 +00:00
|
|
|
import logging
|
2014-02-06 09:17:22 +00:00
|
|
|
import werkzeug
|
2012-10-10 20:46:17 +00:00
|
|
|
|
|
|
|
import openerp
|
2014-01-28 14:21:32 +00:00
|
|
|
from openerp.addons.auth_signup.res_users import SignupError
|
2014-02-27 16:41:41 +00:00
|
|
|
from openerp.addons.web.controllers.main import ensure_db
|
2013-10-22 17:06:59 +00:00
|
|
|
from openerp import http
|
2014-02-19 10:30:32 +00:00
|
|
|
from openerp.http import request
|
2014-01-21 15:20:27 +00:00
|
|
|
from openerp.tools.translate import _
|
2012-08-12 17:06:03 +00:00
|
|
|
|
|
|
|
_logger = logging.getLogger(__name__)
|
|
|
|
|
2014-02-05 18:32:32 +00:00
|
|
|
class AuthSignupHome(openerp.addons.web.controllers.main.Home):
|
2014-01-17 14:18:06 +00:00
|
|
|
|
2014-01-21 15:20:27 +00:00
|
|
|
@http.route()
|
2014-01-17 14:18:06 +00:00
|
|
|
def web_login(self, *args, **kw):
|
2014-02-27 16:41:41 +00:00
|
|
|
ensure_db()
|
2014-02-05 18:32:32 +00:00
|
|
|
response = super(AuthSignupHome, self).web_login(*args, **kw)
|
2014-02-27 10:17:25 +00:00
|
|
|
response.qcontext.update(self.get_auth_signup_config())
|
2014-03-12 11:21:41 +00:00
|
|
|
if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
|
|
|
|
# Redirect if already logged in and redirect param is present
|
|
|
|
return http.redirect_with_hash(request.params.get('redirect'))
|
2014-02-05 18:32:32 +00:00
|
|
|
return response
|
|
|
|
|
2014-05-13 09:35:45 +00:00
|
|
|
@http.route('/web/signup', type='http', auth='public', website=True)
|
2014-02-05 18:32:32 +00:00
|
|
|
def web_auth_signup(self, *args, **kw):
|
|
|
|
qcontext = self.get_auth_signup_qcontext()
|
|
|
|
|
2014-02-06 09:17:22 +00:00
|
|
|
if not qcontext.get('token') and not qcontext.get('signup_enabled'):
|
|
|
|
raise werkzeug.exceptions.NotFound()
|
|
|
|
|
2014-02-05 18:32:32 +00:00
|
|
|
if 'error' not in qcontext and request.httprequest.method == 'POST':
|
|
|
|
try:
|
|
|
|
self.do_signup(qcontext)
|
|
|
|
return super(AuthSignupHome, self).web_login(*args, **kw)
|
|
|
|
except (SignupError, AssertionError), e:
|
2015-12-16 13:16:20 +00:00
|
|
|
if request.env["res.users"].sudo().search([("login", "=", qcontext.get("login"))]):
|
|
|
|
qcontext["error"] = _("Another user is already registered using this email address.")
|
|
|
|
else:
|
|
|
|
_logger.error(e.message)
|
|
|
|
qcontext['error'] = _("Could not create a new account.")
|
2014-02-05 18:32:32 +00:00
|
|
|
|
2014-02-27 10:17:25 +00:00
|
|
|
return request.render('auth_signup.signup', qcontext)
|
2014-02-05 18:32:32 +00:00
|
|
|
|
2014-05-13 09:35:45 +00:00
|
|
|
@http.route('/web/reset_password', type='http', auth='public', website=True)
|
2014-02-05 18:32:32 +00:00
|
|
|
def web_auth_reset_password(self, *args, **kw):
|
|
|
|
qcontext = self.get_auth_signup_qcontext()
|
|
|
|
|
2014-02-06 09:17:22 +00:00
|
|
|
if not qcontext.get('token') and not qcontext.get('reset_password_enabled'):
|
|
|
|
raise werkzeug.exceptions.NotFound()
|
|
|
|
|
2014-02-05 18:32:32 +00:00
|
|
|
if 'error' not in qcontext and request.httprequest.method == 'POST':
|
|
|
|
try:
|
|
|
|
if qcontext.get('token'):
|
|
|
|
self.do_signup(qcontext)
|
|
|
|
return super(AuthSignupHome, self).web_login(*args, **kw)
|
|
|
|
else:
|
|
|
|
login = qcontext.get('login')
|
|
|
|
assert login, "No login provided."
|
|
|
|
res_users = request.registry.get('res.users')
|
|
|
|
res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login)
|
|
|
|
qcontext['message'] = _("An email has been sent with credentials to reset your password")
|
|
|
|
except SignupError:
|
|
|
|
qcontext['error'] = _("Could not reset your password")
|
|
|
|
_logger.exception('error when resetting password')
|
2014-02-27 15:49:55 +00:00
|
|
|
except Exception, e:
|
2016-10-24 20:34:06 +00:00
|
|
|
qcontext['error'] = e.message or e.name
|
2014-02-05 18:32:32 +00:00
|
|
|
|
2014-02-27 10:17:25 +00:00
|
|
|
return request.render('auth_signup.reset_password', qcontext)
|
2014-02-05 18:32:32 +00:00
|
|
|
|
|
|
|
def get_auth_signup_config(self):
|
|
|
|
"""retrieve the module config (which features are enabled) for the login page"""
|
|
|
|
|
|
|
|
icp = request.registry.get('ir.config_parameter')
|
|
|
|
return {
|
|
|
|
'signup_enabled': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.allow_uninvited') == 'True',
|
|
|
|
'reset_password_enabled': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.reset_password') == 'True',
|
|
|
|
}
|
|
|
|
|
|
|
|
def get_auth_signup_qcontext(self):
|
|
|
|
""" Shared helper returning the rendering context for signup and reset password """
|
2014-01-21 15:20:27 +00:00
|
|
|
qcontext = request.params.copy()
|
2014-02-06 09:17:22 +00:00
|
|
|
qcontext.update(self.get_auth_signup_config())
|
2014-02-05 18:32:32 +00:00
|
|
|
if qcontext.get('token'):
|
2014-01-21 15:20:27 +00:00
|
|
|
try:
|
|
|
|
# retrieve the user info (name, login or email) corresponding to a signup token
|
|
|
|
res_partner = request.registry.get('res.partner')
|
2014-02-05 18:32:32 +00:00
|
|
|
token_infos = res_partner.signup_retrieve_info(request.cr, openerp.SUPERUSER_ID, qcontext.get('token'))
|
2014-01-21 15:20:27 +00:00
|
|
|
for k, v in token_infos.items():
|
|
|
|
qcontext.setdefault(k, v)
|
|
|
|
except:
|
|
|
|
qcontext['error'] = _("Invalid signup token")
|
2014-02-05 18:32:32 +00:00
|
|
|
return qcontext
|
2014-01-17 14:18:06 +00:00
|
|
|
|
2014-02-05 18:32:32 +00:00
|
|
|
def do_signup(self, qcontext):
|
|
|
|
""" Shared helper that creates a res.partner out of a token """
|
|
|
|
values = dict((key, qcontext.get(key)) for key in ('login', 'name', 'password'))
|
|
|
|
assert any([k for k in values.values()]), "The form was not properly filled in."
|
|
|
|
assert values.get('password') == qcontext.get('confirm_password'), "Passwords do not match; please retype them."
|
2015-06-17 12:32:53 +00:00
|
|
|
values['lang'] = request.lang
|
2014-02-05 18:32:32 +00:00
|
|
|
self._signup_with_values(qcontext.get('token'), values)
|
|
|
|
request.cr.commit()
|
2012-12-03 14:44:24 +00:00
|
|
|
|
2014-01-28 13:55:07 +00:00
|
|
|
def _signup_with_values(self, token, values):
|
2014-02-11 13:29:01 +00:00
|
|
|
db, login, password = request.registry['res.users'].signup(request.cr, openerp.SUPERUSER_ID, values, token)
|
2014-02-13 19:08:45 +00:00
|
|
|
request.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction
|
2014-02-11 13:29:01 +00:00
|
|
|
uid = request.session.authenticate(db, login, password)
|
2014-02-13 19:08:45 +00:00
|
|
|
if not uid:
|
2014-02-11 13:29:01 +00:00
|
|
|
raise SignupError(_('Authentification Failed.'))
|
2014-01-28 13:55:07 +00:00
|
|
|
|
2012-08-12 17:06:03 +00:00
|
|
|
# vim:expandtab:tabstop=4:softtabstop=4:shiftwidth=4:
|