[FIX]auth_oauth: auth_oauth handle oauth error 3, auth_oauth_signup raise accessdenied instead of signuperror, auth_signup use literal_eval instead of safe_eval
bzr revid: dle@openerp.com-20130809145506-agzyvk8m1pr858jf
This commit is contained in:
parent
24546d629c
commit
6c25b2df25
|
@ -1,4 +1,6 @@
|
|||
openerp.auth_oauth = function(instance) {
|
||||
var _t = instance.web._t,
|
||||
_lt = instance.web._lt;
|
||||
var QWeb = instance.web.qweb;
|
||||
|
||||
instance.web.Login.include({
|
||||
|
@ -9,9 +11,11 @@ openerp.auth_oauth = function(instance) {
|
|||
this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
|
||||
this.oauth_providers = [];
|
||||
if(this.params.oauth_error === 1) {
|
||||
this.do_warn("Sign up error.","Sign up is not allowed on this database.");
|
||||
this.do_warn(_t("Sign up error"),_t("Sign up is not allowed on this database."), true);
|
||||
} else if(this.params.oauth_error === 2) {
|
||||
this.do_warn("Authentication error","");
|
||||
this.do_warn(_t("Authentication error"),_t("Access Denied"), true);
|
||||
} else if(this.params.oauth_error === 3) {
|
||||
this.do_warn(_t("Authentication error"),_t("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."), true);
|
||||
}
|
||||
return d.done(this.do_oauth_load).fail(function() {
|
||||
self.do_oauth_load([]);
|
||||
|
|
|
@ -23,6 +23,7 @@ import logging
|
|||
import simplejson
|
||||
|
||||
import openerp
|
||||
from openerp.addons.auth_signup.res_users import SignupError
|
||||
from openerp.osv import osv, fields
|
||||
|
||||
_logger = logging.getLogger(__name__)
|
||||
|
@ -35,7 +36,7 @@ class res_users(osv.Model):
|
|||
try:
|
||||
login = super(res_users, self)._auth_oauth_signin(cr, uid, provider, validation, params, context=context)
|
||||
|
||||
except openerp.exceptions.AccessDenied:
|
||||
except openerp.exceptions.AccessDenied, access_denied_exception:
|
||||
if context and context.get('no_user_creation'):
|
||||
return None
|
||||
state = simplejson.loads(params['state'])
|
||||
|
@ -52,6 +53,8 @@ class res_users(osv.Model):
|
|||
'oauth_access_token': params['access_token'],
|
||||
'active': True,
|
||||
}
|
||||
_, login, _ = self.signup(cr, uid, values, token, context=context)
|
||||
|
||||
try:
|
||||
_, login, _ = self.signup(cr, uid, values, token, context=context)
|
||||
except SignupError:
|
||||
raise access_denied_exception
|
||||
return login
|
||||
|
|
|
@ -25,7 +25,7 @@ from urlparse import urljoin
|
|||
|
||||
from openerp.osv import osv, fields
|
||||
from openerp.tools.misc import DEFAULT_SERVER_DATETIME_FORMAT
|
||||
from openerp.tools.safe_eval import safe_eval
|
||||
from ast import literal_eval
|
||||
from openerp.tools.translate import _
|
||||
|
||||
class SignupError(Exception):
|
||||
|
@ -214,12 +214,12 @@ class res_users(osv.Model):
|
|||
def _signup_create_user(self, cr, uid, values, context=None):
|
||||
""" create a new user from the template user """
|
||||
ir_config_parameter = self.pool.get('ir.config_parameter')
|
||||
template_user_id = safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
|
||||
template_user_id = literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
|
||||
assert template_user_id and self.exists(cr, uid, template_user_id, context=context), 'Signup: invalid template user'
|
||||
|
||||
# check that uninvited users may sign up
|
||||
if 'partner_id' not in values:
|
||||
if not safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
|
||||
if not literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
|
||||
raise SignupError('Signup is not allowed for uninvited users')
|
||||
|
||||
assert values.get('login'), "Signup: no login given for new user"
|
||||
|
|
Loading…
Reference in New Issue