odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[FIX]auth_oauth: auth_oauth handle oauth error 3, auth_oauth_signup raise accessdenied instead of signuperror, auth_signup use literal_eval instead of safe_eval 

bzr revid: dle@openerp.com-20130809145506-agzyvk8m1pr858jf
This commit is contained in:
Denis Ledoux 2013-08-09 16:55:06 +02:00
parent 24546d629c
commit 6c25b2df25
3 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
addons/auth_oauth/static/src/js/auth_oauth.js
View File

@ -1,4 +1,6 @@
openerp.auth_oauth = function(instance) {
var _t = instance.web._t,
_lt = instance.web._lt;
var QWeb = instance.web.qweb;
instance.web.Login.include({
@ -9,9 +11,11 @@ openerp.auth_oauth = function(instance) {
this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
this.oauth_providers = [];
if(this.params.oauth_error === 1) {
this.do_warn("Sign up error.","Sign up is not allowed on this database.");
this.do_warn(_t("Sign up error"),_t("Sign up is not allowed on this database."), true);
} else if(this.params.oauth_error === 2) {
this.do_warn("Authentication error","");
this.do_warn(_t("Authentication error"),_t("Access Denied"), true);
} else if(this.params.oauth_error === 3) {
this.do_warn(_t("Authentication error"),_t("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."), true);
}
return d.done(this.do_oauth_load).fail(function() {
self.do_oauth_load([]);

9
addons/auth_oauth_signup/res_users.py
View File

@ -23,6 +23,7 @@ import logging
import simplejson
import openerp
from openerp.addons.auth_signup.res_users import SignupError
from openerp.osv import osv, fields
_logger = logging.getLogger(__name__)
@ -35,7 +36,7 @@ class res_users(osv.Model):
try:
login = super(res_users, self)._auth_oauth_signin(cr, uid, provider, validation, params, context=context)
except openerp.exceptions.AccessDenied:
except openerp.exceptions.AccessDenied, access_denied_exception:
if context and context.get('no_user_creation'):
return None
state = simplejson.loads(params['state'])
@ -52,6 +53,8 @@ class res_users(osv.Model):
'oauth_access_token': params['access_token'],
'active': True,
}
_, login, _ = self.signup(cr, uid, values, token, context=context)
try:
_, login, _ = self.signup(cr, uid, values, token, context=context)
except SignupError:
raise access_denied_exception
return login

6
addons/auth_signup/res_users.py
View File

@ -25,7 +25,7 @@ from urlparse import urljoin
from openerp.osv import osv, fields
from openerp.tools.misc import DEFAULT_SERVER_DATETIME_FORMAT
from openerp.tools.safe_eval import safe_eval
from ast import literal_eval
from openerp.tools.translate import _
class SignupError(Exception):
@ -214,12 +214,12 @@ class res_users(osv.Model):
def _signup_create_user(self, cr, uid, values, context=None):
""" create a new user from the template user """
ir_config_parameter = self.pool.get('ir.config_parameter')
template_user_id = safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
template_user_id = literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
assert template_user_id and self.exists(cr, uid, template_user_id, context=context), 'Signup: invalid template user'
# check that uninvited users may sign up
if 'partner_id' not in values:
if not safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
if not literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
raise SignupError('Signup is not allowed for uninvited users')
assert values.get('login'), "Signup: no login given for new user"