odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

multiple refactoring with authentication 

bzr revid: nicolas.vanhoren@openerp.com-20130621121510-gx22b6j9pwsfe352
This commit is contained in:
niv-openerp 2013-06-21 14:15:10 +02:00
parent c90e8119bb
commit 2fd53a468c
4 changed files with 88 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
addons/web/controllers/main.py
View File

@ -572,7 +572,7 @@ html_template = """<!DOCTYPE html>
class Home(http.Controller):
@http.route('/', type='http', authentication="nodb")
@http.route('/', type='http', auth="none")
def index(self, s_action=None, db=None, **kw):
db, redir = db_monodb_redirect()
if redir:
@ -589,30 +589,30 @@ class Home(http.Controller):
}
return r
@http.route('/login', type='http', authentication="auth")
@http.route('/login', type='http', auth="user")
def login(self, db, login, key):
return login_and_redirect(db, login, key)
@http.route('/jsonrpc', type='json', authentication="nodb")
@http.route('/jsonrpc', type='json', auth="none")
def jsonrpc(self, service, method, args):
""" Method used by client APIs to contact OpenERP. """
return openerp.netsvc.dispatch_rpc(service, method, args)
class WebClient(http.Controller):
@http.route('/web/webclient/csslist', type='json', authentication="nodb")
@http.route('/web/webclient/csslist', type='json', auth="none")
def csslist(self, mods=None):
return manifest_list('css', mods=mods)
@http.route('/web/webclient/jslist', type='json', authentication="nodb")
@http.route('/web/webclient/jslist', type='json', auth="none")
def jslist(self, mods=None):
return manifest_list('js', mods=mods)
@http.route('/web/webclient/qweblist', type='json', authentication="nodb")
@http.route('/web/webclient/qweblist', type='json', auth="none")
def qweblist(self, mods=None):
return manifest_list('qweb', mods=mods)
@http.route('/web/webclient/css', type='http', authentication="nodb")
@http.route('/web/webclient/css', type='http', auth="none")
def css(self, mods=None, db=None):
files = list(manifest_glob('css', addons=mods, db=db))
last_modified = get_last_modified(f[0] for f in files)
@ -663,7 +663,7 @@ class WebClient(http.Controller):
request.make_response(content, [('Content-Type', 'text/css')]),
last_modified, checksum)
@http.route('/web/webclient/js', type='http', authentication="nodb")
@http.route('/web/webclient/js', type='http', auth="none")
def js(self, mods=None, db=None):
files = [f[0] for f in manifest_glob('js', addons=mods, db=db)]
last_modified = get_last_modified(files)
@ -676,7 +676,7 @@ class WebClient(http.Controller):
request.make_response(content, [('Content-Type', 'application/javascript')]),
last_modified, checksum)
@http.route('/web/webclient/qweb', type='http', authentication="nodb")
@http.route('/web/webclient/qweb', type='http', auth="none")
def qweb(self, mods=None, db=None):
files = [f[0] for f in manifest_glob('qweb', addons=mods, db=db)]
last_modified = get_last_modified(files)
@ -689,7 +689,7 @@ class WebClient(http.Controller):
request.make_response(content, [('Content-Type', 'text/xml')]),
last_modified, checksum)
@http.route('/web/webclient/bootstrap_translations', type='json', authentication="nodb")
@http.route('/web/webclient/bootstrap_translations', type='json', auth="none")
def bootstrap_translations(self, mods):
""" Load local translations from *.po files, as a temporary solution
until we have established a valid session. This is meant only
@ -712,7 +712,7 @@ class WebClient(http.Controller):
return {"modules": translations_per_module,
"lang_parameters": None}
@http.route('/web/webclient/translations', type='json', authentication="auth")
@http.route('/web/webclient/translations', type='json', auth="user")
def translations(self, mods, lang):
res_lang = request.session.model('res.lang')
ids = res_lang.search([("code", "=", lang)])
@ -737,13 +737,13 @@ class WebClient(http.Controller):
return {"modules": translations_per_module,
"lang_parameters": lang_params}
@http.route('/web/webclient/version_info', type='json', authentication="nodb")
@http.route('/web/webclient/version_info', type='json', auth="none")
def version_info(self):
return openerp.service.common.exp_version()
class Proxy(http.Controller):
@http.route('/web/proxy/load', type='json', authentication="nodb")
@http.route('/web/proxy/load', type='json', auth="none")
def load(self, path):
""" Proxies an HTTP request through a JSON request.
@ -760,11 +760,11 @@ class Proxy(http.Controller):
class Database(http.Controller):
@http.route('/web/database/get_list', type='json', authentication="nodb")
@http.route('/web/database/get_list', type='json', auth="none")
def get_list(self):
return db_list()
@http.route('/web/database/create', type='json', authentication="nodb")
@http.route('/web/database/create', type='json', auth="none")
def create(self, fields):
params = dict(map(operator.itemgetter('name', 'value'), fields))
return request.session.proxy("db").create_database(
@ -774,7 +774,7 @@ class Database(http.Controller):
params['db_lang'],
params['create_admin_pwd'])
@http.route('/web/database/duplicate', type='json', authentication="nodb")
@http.route('/web/database/duplicate', type='json', auth="none")
def duplicate(self, fields):
params = dict(map(operator.itemgetter('name', 'value'), fields))
duplicate_attrs = (
@ -785,7 +785,7 @@ class Database(http.Controller):
return request.session.proxy("db").duplicate_database(*duplicate_attrs)
@http.route('/web/database/drop', type='json', authentication="nodb")
@http.route('/web/database/drop', type='json', auth="none")
def drop(self, fields):
password, db = operator.itemgetter(
'drop_pwd', 'drop_db')(
@ -798,7 +798,7 @@ class Database(http.Controller):
except Exception:
return {'error': _('Could not drop database !'), 'title': _('Drop Database')}
@http.route('/web/database/backup', type='http', authentication="nodb")
@http.route('/web/database/backup', type='http', auth="none")
def backup(self, backup_db, backup_pwd, token):
try:
db_dump = base64.b64decode(
@ -816,7 +816,7 @@ class Database(http.Controller):
except Exception, e:
return simplejson.dumps([[],[{'error': openerp.tools.ustr(e), 'title': _('Backup Database')}]])
@http.route('/web/database/restore', type='http', authentication="nodb")
@http.route('/web/database/restore', type='http', auth="none")
def restore(self, db_file, restore_pwd, new_db):
try:
data = base64.b64encode(db_file.read())
@ -825,7 +825,7 @@ class Database(http.Controller):
except openerp.exceptions.AccessDenied, e:
raise Exception("AccessDenied")
@http.route('/web/database/change_password', type='json', authentication="nodb")
@http.route('/web/database/change_password', type='json', auth="none")
def change_password(self, fields):
old_password, new_password = operator.itemgetter(
'old_pwd', 'new_pwd')(
@ -849,13 +849,13 @@ class Session(http.Controller):
"username": request.session._login,
}
@http.route('/web/session/get_session_info', type='json', authentication="nodb")
@http.route('/web/session/get_session_info', type='json', auth="none")
def get_session_info(self):
request.uid = request.session._uid
request.db = request.session._db
return self.session_info()
@http.route('/web/session/authenticate', type='json', authentication="nodb")
@http.route('/web/session/authenticate', type='json', auth="none")
def authenticate(self, db, login, password, base_location=None):
wsgienv = request.httprequest.environ
env = dict(
@ -867,7 +867,7 @@ class Session(http.Controller):
return self.session_info()
@http.route('/web/session/change_password', type='json', authentication="auth")
@http.route('/web/session/change_password', type='json', auth="user")
def change_password(self, fields):
old_password, new_password,confirm_password = operator.itemgetter('old_pwd', 'new_password','confirm_pwd')(
dict(map(operator.itemgetter('name', 'value'), fields)))
@ -883,24 +883,24 @@ class Session(http.Controller):
return {'error': _('The old password you provided is incorrect, your password was not changed.'), 'title': _('Change Password')}
return {'error': _('Error, password not changed !'), 'title': _('Change Password')}
@http.route('/web/session/sc_list', type='json', authentication="auth")
@http.route('/web/session/sc_list', type='json', auth="user")
def sc_list(self):
return request.session.model('ir.ui.view_sc').get_sc(
request.session._uid, "ir.ui.menu", request.context)
@http.route('/web/session/get_lang_list', type='json', authentication="nodb")
@http.route('/web/session/get_lang_list', type='json', auth="none")
def get_lang_list(self):
try:
return request.session.proxy("db").list_lang() or []
except Exception, e:
return {"error": e, "title": _("Languages")}
@http.route('/web/session/modules', type='json', authentication="auth")
@http.route('/web/session/modules', type='json', auth="user")
def modules(self):
# return all installed modules. Web client is smart enough to not load a module twice
return module_installed()
@http.route('/web/session/save_session_action', type='json', authentication="auth")
@http.route('/web/session/save_session_action', type='json', auth="user")
def save_session_action(self, the_action):
"""
This method store an action object in the session object and returns an integer
@ -924,7 +924,7 @@ class Session(http.Controller):
saved_actions["next"] = key + 1
return key
@http.route('/web/session/get_session_action', type='json', authentication="auth")
@http.route('/web/session/get_session_action', type='json', auth="user")
def get_session_action(self, key):
"""
Gets back a previously saved action. This method can return None if the action
@ -940,18 +940,18 @@ class Session(http.Controller):
return None
return saved_actions["actions"].get(key)
@http.route('/web/session/check', type='json', authentication="auth")
@http.route('/web/session/check', type='json', auth="user")
def check(self):
request.session.assert_valid()
return None
@http.route('/web/session/destroy', type='json', authentication="auth")
@http.route('/web/session/destroy', type='json', auth="user")
def destroy(self):
request.session._suicide = True
class Menu(http.Controller):
@http.route('/web/menu/get_user_roots', type='json', authentication="auth")
@http.route('/web/menu/get_user_roots', type='json', auth="user")
def get_user_roots(self):
""" Return all root menu ids visible for the session user.
@ -973,7 +973,7 @@ class Menu(http.Controller):
return Menus.search(menu_domain, 0, False, False, request.context)
@http.route('/web/menu/load', type='json', authentication="auth")
@http.route('/web/menu/load', type='json', auth="user")
def load(self):
""" Loads all menu items (all applications and their sub-menus).
@ -1024,7 +1024,7 @@ class Menu(http.Controller):
return menu_root
@http.route('/web/menu/load_needaction', type='json', authentication="auth")
@http.route('/web/menu/load_needaction', type='json', auth="user")
def load_needaction(self, menu_ids):
""" Loads needaction counters for specific menu ids.
@ -1033,7 +1033,7 @@ class Menu(http.Controller):
"""
return request.session.model('ir.ui.menu').get_needaction_data(menu_ids, request.context)
@http.route('/web/menu/action', type='json', authentication="auth")
@http.route('/web/menu/action', type='json', auth="user")
def action(self, menu_id):
# still used by web_shortcut
actions = load_actions_from_ir_values('action', 'tree_but_open',
@ -1042,7 +1042,7 @@ class Menu(http.Controller):
class DataSet(http.Controller):
@http.route('/web/dataset/search_read', type='json', authentication="auth")
@http.route('/web/dataset/search_read', type='json', auth="user")
def search_read(self, model, fields=False, offset=0, limit=False, domain=None, sort=None):
return self.do_search_read(model, fields, offset, limit, domain, sort)
def do_search_read(self, model, fields=False, offset=0, limit=False, domain=None
@ -1084,7 +1084,7 @@ class DataSet(http.Controller):
'records': records
}
@http.route('/web/dataset/load', type='json', authentication="auth")
@http.route('/web/dataset/load', type='json', auth="user")
def load(self, model, id, fields):
m = request.session.model(model)
value = {}
@ -1110,26 +1110,26 @@ class DataSet(http.Controller):
return getattr(request.session.model(model), method)(*args, **kwargs)
@http.route('/web/dataset/call', type='json', authentication="auth")
@http.route('/web/dataset/call', type='json', auth="user")
def call(self, model, method, args, domain_id=None, context_id=None):
return self._call_kw(model, method, args, {})
@http.route(['/web/dataset/call_kw', '/web/dataset/call_kw/<path:path>'], type='json', authentication="auth")
@http.route(['/web/dataset/call_kw', '/web/dataset/call_kw/<path:path>'], type='json', auth="user")
def call_kw(self, model, method, args, kwargs, path=None):
return self._call_kw(model, method, args, kwargs)
@http.route('/web/dataset/call_button', type='json', authentication="auth")
@http.route('/web/dataset/call_button', type='json', auth="user")
def call_button(self, model, method, args, domain_id=None, context_id=None):
action = self._call_kw(model, method, args, {})
if isinstance(action, dict) and action.get('type') != '':
return clean_action(action)
return False
@http.route('/web/dataset/exec_workflow', type='json', authentication="auth")
@http.route('/web/dataset/exec_workflow', type='json', auth="user")
def exec_workflow(self, model, id, signal):
return request.session.exec_workflow(model, id, signal)
@http.route('/web/dataset/resequence', type='json', authentication="auth")
@http.route('/web/dataset/resequence', type='json', auth="user")
def resequence(self, model, ids, field='sequence', offset=0):
""" Re-sequences a number of records in the model, by their ids
@ -1154,7 +1154,7 @@ class DataSet(http.Controller):
class View(http.Controller):
@http.route('/web/view/add_custom', type='json', authentication="auth")
@http.route('/web/view/add_custom', type='json', auth="user")
def add_custom(self, view_id, arch):
CustomView = request.session.model('ir.ui.view.custom')
CustomView.create({
@ -1164,7 +1164,7 @@ class View(http.Controller):
}, request.context)
return {'result': True}
@http.route('/web/view/undo_custom', type='json', authentication="auth")
@http.route('/web/view/undo_custom', type='json', auth="user")
def undo_custom(self, view_id, reset=False):
CustomView = request.session.model('ir.ui.view.custom')
vcustom = CustomView.search([('user_id', '=', request.session._uid), ('ref_id' ,'=', view_id)],
@ -1179,7 +1179,7 @@ class View(http.Controller):
class TreeView(View):
@http.route('/web/treeview/action', type='json', authentication="auth")
@http.route('/web/treeview/action', type='json', auth="user")
def action(self, model, id):
return load_actions_from_ir_values(
'action', 'tree_but_open',[(model, id)],
@ -1187,7 +1187,7 @@ class TreeView(View):
class Binary(http.Controller):
@http.route('/web/binary/image', type='http', authentication="auth")
@http.route('/web/binary/image', type='http', auth="user")
def image(self, model, id, field, **kw):
last_update = '__last_update'
Model = request.session.model(model)
@ -1242,7 +1242,7 @@ class Binary(http.Controller):
addons_path = http.addons_manifest['web']['addons_path']
return open(os.path.join(addons_path, 'web', 'static', 'src', 'img', image), 'rb').read()
@http.route('/web/binary/saveas', type='http', authentication="auth")
@http.route('/web/binary/saveas', type='http', auth="user")
def saveas(self, model, field, id=None, filename_field=None, **kw):
""" Download link for files stored as binary fields.
@ -1275,7 +1275,7 @@ class Binary(http.Controller):
[('Content-Type', 'application/octet-stream'),
('Content-Disposition', content_disposition(filename))])
@http.route('/web/binary/saveas_ajax', type='http', authentication="auth")
@http.route('/web/binary/saveas_ajax', type='http', auth="user")
def saveas_ajax(self, data, token):
jdata = simplejson.loads(data)
model = jdata['model']
@ -1308,7 +1308,7 @@ class Binary(http.Controller):
('Content-Disposition', content_disposition(filename))],
cookies={'fileToken': int(token)})
@http.route('/web/binary/upload', type='http', authentication="auth")
@http.route('/web/binary/upload', type='http', auth="user")
def upload(self, callback, ufile):
# TODO: might be useful to have a configuration flag for max-length file uploads
out = """<script language="javascript" type="text/javascript">
@ -1323,7 +1323,7 @@ class Binary(http.Controller):
args = [False, e.message]
return out % (simplejson.dumps(callback), simplejson.dumps(args))
@http.route('/web/binary/upload_attachment', type='http', authentication="auth")
@http.route('/web/binary/upload_attachment', type='http', auth="user")
def upload_attachment(self, callback, model, id, ufile):
Model = request.session.model('ir.attachment')
out = """<script language="javascript" type="text/javascript">
@ -1346,7 +1346,7 @@ class Binary(http.Controller):
args = {'error': "Something horrible happened"}
return out % (simplejson.dumps(callback), simplejson.dumps(args))
@http.route('/web/binary/company_logo', type='http', authentication="nodb")
@http.route('/web/binary/company_logo', type='http', auth="none")
def company_logo(self, dbname=None):
# TODO add etag, refactor to use /image code for etag
uid = None
@ -1388,7 +1388,7 @@ class Binary(http.Controller):
class Action(http.Controller):
@http.route('/web/action/load', type='json', authentication="auth")
@http.route('/web/action/load', type='json', auth="user")
def load(self, action_id, do_not_eval=False):
Actions = request.session.model('ir.actions.actions')
value = False
@ -1414,7 +1414,7 @@ class Action(http.Controller):
value = clean_action(action[0])
return value
@http.route('/web/action/run', type='json', authentication="auth")
@http.route('/web/action/run', type='json', auth="user")
def run(self, action_id):
return_action = request.session.model('ir.actions.server').run(
[action_id], request.context)
@ -1425,7 +1425,7 @@ class Action(http.Controller):
class Export(http.Controller):
@http.route('/web/export/formats', type='json', authentication="auth")
@http.route('/web/export/formats', type='json', auth="user")
def formats(self):
""" Returns all valid export formats
@ -1439,7 +1439,7 @@ class Export(http.Controller):
fields = Model.fields_get(False, request.context)
return fields
@http.route('/web/export/get_fields', type='json', authentication="auth")
@http.route('/web/export/get_fields', type='json', auth="user")
def get_fields(self, model, prefix='', parent_name= '',
import_compat=True, parent_field_type=None,
exclude=None):
@ -1488,7 +1488,7 @@ class Export(http.Controller):
return records
@http.route('/web/export/namelist', type='json', authentication="auth")
@http.route('/web/export/namelist', type='json', auth="user")
def namelist(self, model, export_id):
# TODO: namelist really has no reason to be in Python (although itertools.groupby helps)
export = request.session.model("ir.exports").read([export_id])[0]
@ -1608,7 +1608,7 @@ class ExportFormat(object):
class CSVExport(ExportFormat, http.Controller):
fmt = {'tag': 'csv', 'label': 'CSV'}
@http.route('/web/export/csv', type='http', authentication="auth")
@http.route('/web/export/csv', type='http', auth="user")
def index(self, data, token):
return self.base(data, token)
@ -1650,7 +1650,7 @@ class ExcelExport(ExportFormat, http.Controller):
'error': None if xlwt else "XLWT required"
}
@http.route('/web/export/xls', type='http', authentication="auth")
@http.route('/web/export/xls', type='http', auth="user")
def index(self, data, token):
return self.base(data, token)
@ -1696,7 +1696,7 @@ class Reports(http.Controller):
'xls': 'application/vnd.ms-excel',
}
@http.route('/web/report', type='http', authentication="auth")
@http.route('/web/report', type='http', auth="user")
def index(self, action, token):
action = simplejson.loads(action)

2
addons/web/controllers/testing.py
View File

@ -87,7 +87,7 @@ TESTING = Template(u"""<!DOCTYPE html>
class TestRunnerController(http.Controller):
@http.route('/web/tests', type='http', authentication="nodb")
@http.route('/web/tests', type='http', auth="none")
def index(self, req, mod=None, **kwargs):
ms = module.get_modules()
manifests = dict(

8
addons/web/doc/web_controllers.rst
View File

@ -135,12 +135,12 @@ Authorization Levels
--------------------
By default, all methods can only be used by users logged into OpenERP (OpenERP uses cookies to track logged users).
There are some cases when you need to enable not-logged in users to access some methods. To do so, add the ``'noauth'``
value to the ``authentication`` parameter of ``http.route()``:
There are some cases when you need to enable not-logged in users to access some methods. To do so, add the ``'db'``
value to the ``auth`` parameter of ``http.route()``:
::
@http.route('/hello', type="http", authentication="noauth")
@http.route('/hello', type="http", auth="db")
def hello(self):
return "<div>Hello unknown user!</div>"
@ -158,7 +158,7 @@ want to override. Example that redefine the home page of your OpenERP applicatio
import openerp.addons.web.controllers.main as main
class Home2(main.Home):
@http.route('/', type="http", authentication="noauth")
@http.route('/', type="http", auth="db")
def index(self):
return "<div>This is my new home page.</div>"

50
addons/web/http.py
View File

@ -86,12 +86,12 @@ class WebRequest(object):
.. attribute:: db
``str``, the name of the database linked to the current request. Can be ``None``
if the current request uses the ``nodb`` authentication.
if the current request uses the ``none`` authentication.
.. attribute:: uid
``int``, the id of the user related to the current request. Can be ``None``
if the current request uses the ``nodb`` or the ``noauth`` authenticatoin.
if the current request uses the ``none`` or the ``db`` authenticatoin.
"""
def __init__(self, httprequest):
self.httprequest = httprequest
@ -149,10 +149,10 @@ class WebRequest(object):
self.lang = lang.replace('-', '_')
def _authenticate(self):
if self.auth_method == "nodb":
if self.auth_method == "none":
self.db = None
self.uid = None
elif self.auth_method == "noauth":
elif self.auth_method == "db":
self.db = (self.session._db or openerp.addons.web.controllers.main.db_monodb()).lower()
if not self.db:
raise SessionExpiredException("No valid database for request %s" % self.httprequest)
@ -169,14 +169,14 @@ class WebRequest(object):
def registry(self):
"""
The registry to the database linked to this request. Can be ``None`` if the current request uses the
``nodb'' authentication.
``none'' authentication.
"""
return openerp.modules.registry.RegistryManager.get(self.db) if self.db else None
@property
def cr(self):
"""
The cursor initialized for the current method call. If the current request uses the ``nodb`` authentication
The cursor initialized for the current method call. If the current request uses the ``none`` authentication
trying to access this property will raise an exception.
"""
# some magic to lazy create the cr
@ -209,7 +209,7 @@ class WebRequest(object):
self.db = None
self.uid = None
def route(route, type="http", authentication="auth"):
def route(route, type="http", auth="user"):
"""
Decorator marking the decorated method as being a handler for requests. The method must be part of a subclass
of ``Controller``.
@ -222,16 +222,16 @@ def route(route, type="http", authentication="auth"):
method. Can be a single string or an array of strings. See werkzeug's routing documentation for the format of
route expression ( http://werkzeug.pocoo.org/docs/routing/ ).
:param type: The type of request, can be ``'http'`` or ``'json'``.
:param authentication: The type of authentication method, can on of the following:
:param auth: The type of authentication method, can on of the following:
* ``auth``: The user must be authenticated.
* ``noauth``: There is no need for the user to be authenticated but there must be a way to find the current
* ``db``: There is no need for the user to be authenticated but there must be a way to find the current
database.
* ``nodb``: The method is always active, even if there is no database. Mainly used by the framework and
* ``none``: The method is always active, even if there is no database. Mainly used by the framework and
authentication modules.
"""
assert type in ["http", "json"]
assert authentication in ["auth", "noauth", "nodb"]
assert auth in ["user", "db", "none"]
def decorator(f):
if isinstance(route, list):
f.routes = route
@ -239,7 +239,7 @@ def route(route, type="http", authentication="auth"):
f.routes = [route]
f.exposed = type
if getattr(f, "auth", None) is None:
f.auth = authentication
f.auth = auth
return f
return decorator
@ -415,7 +415,7 @@ def jsonrequest(f):
base = f.__name__
if f.__name__ == "index":
base = ""
return route([base, os.path.join(base, "<path:_ignored_path>")], type="json", authentication="auth")(f)
return route([base, os.path.join(base, "<path:_ignored_path>")], type="json", auth="user")(f)
class HttpRequest(WebRequest):
""" Regular GET/POST request
@ -498,7 +498,7 @@ def httprequest(f):
base = f.__name__
if f.__name__ == "index":
base = ""
return route([base, os.path.join(base, "<path:_ignored_path>")], type="http", authentication="auth")(f)
return route([base, os.path.join(base, "<path:_ignored_path>")], type="http", auth="user")(f)
#----------------------------------------------------------
# Local storage of requests
@ -604,14 +604,14 @@ class Model(object):
def proxy(*args, **kw):
# Can't provide any retro-compatibility for this case, so we check it and raise an Exception
# to tell the programmer to adapt his code
if not http.request.db or not http.request.uid or self.session._db != http.request.db \
or self.session._uid != http.request.uid:
if not request.db or not request.uid or self.session._db != request.db \
or self.session._uid != request.uid:
raise Exception("Trying to use Model with badly configured database or user.")
mod = http.request.registry.get(self.model)
mod = request.registry.get(self.model)
meth = getattr(mod, method)
cr = http.request.cr
result = meth(cr, http.request.uid, *args, **kw)
cr = request.cr
result = meth(cr, request.uid, *args, **kw)
# reorder read
if method == "read":
if isinstance(result, list) and len(result) > 0 and "id" in result[0]:
@ -659,8 +659,8 @@ class OpenERPSession(object):
self._uid = uid
self._login = login
self._password = password
http.request.db = db
http.request.uid = uid
request.db = db
request.uid = uid
if uid: self.get_context()
return uid
@ -685,7 +685,7 @@ class OpenERPSession(object):
:returns: the new context
"""
assert self._uid, "The user needs to be logged-in to initialize his context"
self.context = http.request.registry.get('res.users').context_get(http.request.cr, http.request.uid) or {}
self.context = request.registry.get('res.users').context_get(request.cr, request.uid) or {}
self.context['uid'] = self._uid
self._fix_lang(self.context)
return self.context
@ -1031,7 +1031,7 @@ class Root(object):
members = inspect.getmembers(o)
for mk, mv in members:
if inspect.ismethod(mv) and getattr(mv, 'exposed', False) and \
nodb_only == (getattr(mv, 'auth', None) == "nodb"):
nodb_only == (getattr(mv, "user", None) == "none"):
function = (o.get_wrapped_method(mk), mv)
for url in mv.routes:
if getattr(mv, "combine", False):
@ -1042,7 +1042,7 @@ class Root(object):
modules_set = set(controllers_per_module.keys())
modules_set -= set("web")
# building all nodb methods
# building all none methods
gen(["web"] + sorted(modules_set), True)
if not db:
return routing_map
@ -1088,7 +1088,7 @@ class Root(object):
return func(*args, **kwargs)
request.func = nfunc
request.auth_method = getattr(original, "auth", "auth")
request.auth_method = getattr(original, "auth", "user")
request.func_request_type = original.exposed
def wsgi_postload():