[FIX]auth_oauth: auth_oauth handle oauth error 3, auth_oauth_signup raise accessdenied instead of signuperror, auth_signup use literal_eval instead of safe_eval
bzr revid: dle@openerp.com-20130809145506-agzyvk8m1pr858jf
This commit is contained in:
parent
24546d629c
commit
6c25b2df25
|
@ -1,4 +1,6 @@
|
||||||
openerp.auth_oauth = function(instance) {
|
openerp.auth_oauth = function(instance) {
|
||||||
|
var _t = instance.web._t,
|
||||||
|
_lt = instance.web._lt;
|
||||||
var QWeb = instance.web.qweb;
|
var QWeb = instance.web.qweb;
|
||||||
|
|
||||||
instance.web.Login.include({
|
instance.web.Login.include({
|
||||||
|
@ -9,9 +11,11 @@ openerp.auth_oauth = function(instance) {
|
||||||
this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
|
this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
|
||||||
this.oauth_providers = [];
|
this.oauth_providers = [];
|
||||||
if(this.params.oauth_error === 1) {
|
if(this.params.oauth_error === 1) {
|
||||||
this.do_warn("Sign up error.","Sign up is not allowed on this database.");
|
this.do_warn(_t("Sign up error"),_t("Sign up is not allowed on this database."), true);
|
||||||
} else if(this.params.oauth_error === 2) {
|
} else if(this.params.oauth_error === 2) {
|
||||||
this.do_warn("Authentication error","");
|
this.do_warn(_t("Authentication error"),_t("Access Denied"), true);
|
||||||
|
} else if(this.params.oauth_error === 3) {
|
||||||
|
this.do_warn(_t("Authentication error"),_t("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."), true);
|
||||||
}
|
}
|
||||||
return d.done(this.do_oauth_load).fail(function() {
|
return d.done(this.do_oauth_load).fail(function() {
|
||||||
self.do_oauth_load([]);
|
self.do_oauth_load([]);
|
||||||
|
|
|
@ -23,6 +23,7 @@ import logging
|
||||||
import simplejson
|
import simplejson
|
||||||
|
|
||||||
import openerp
|
import openerp
|
||||||
|
from openerp.addons.auth_signup.res_users import SignupError
|
||||||
from openerp.osv import osv, fields
|
from openerp.osv import osv, fields
|
||||||
|
|
||||||
_logger = logging.getLogger(__name__)
|
_logger = logging.getLogger(__name__)
|
||||||
|
@ -35,7 +36,7 @@ class res_users(osv.Model):
|
||||||
try:
|
try:
|
||||||
login = super(res_users, self)._auth_oauth_signin(cr, uid, provider, validation, params, context=context)
|
login = super(res_users, self)._auth_oauth_signin(cr, uid, provider, validation, params, context=context)
|
||||||
|
|
||||||
except openerp.exceptions.AccessDenied:
|
except openerp.exceptions.AccessDenied, access_denied_exception:
|
||||||
if context and context.get('no_user_creation'):
|
if context and context.get('no_user_creation'):
|
||||||
return None
|
return None
|
||||||
state = simplejson.loads(params['state'])
|
state = simplejson.loads(params['state'])
|
||||||
|
@ -52,6 +53,8 @@ class res_users(osv.Model):
|
||||||
'oauth_access_token': params['access_token'],
|
'oauth_access_token': params['access_token'],
|
||||||
'active': True,
|
'active': True,
|
||||||
}
|
}
|
||||||
_, login, _ = self.signup(cr, uid, values, token, context=context)
|
try:
|
||||||
|
_, login, _ = self.signup(cr, uid, values, token, context=context)
|
||||||
|
except SignupError:
|
||||||
|
raise access_denied_exception
|
||||||
return login
|
return login
|
||||||
|
|
|
@ -25,7 +25,7 @@ from urlparse import urljoin
|
||||||
|
|
||||||
from openerp.osv import osv, fields
|
from openerp.osv import osv, fields
|
||||||
from openerp.tools.misc import DEFAULT_SERVER_DATETIME_FORMAT
|
from openerp.tools.misc import DEFAULT_SERVER_DATETIME_FORMAT
|
||||||
from openerp.tools.safe_eval import safe_eval
|
from ast import literal_eval
|
||||||
from openerp.tools.translate import _
|
from openerp.tools.translate import _
|
||||||
|
|
||||||
class SignupError(Exception):
|
class SignupError(Exception):
|
||||||
|
@ -214,12 +214,12 @@ class res_users(osv.Model):
|
||||||
def _signup_create_user(self, cr, uid, values, context=None):
|
def _signup_create_user(self, cr, uid, values, context=None):
|
||||||
""" create a new user from the template user """
|
""" create a new user from the template user """
|
||||||
ir_config_parameter = self.pool.get('ir.config_parameter')
|
ir_config_parameter = self.pool.get('ir.config_parameter')
|
||||||
template_user_id = safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
|
template_user_id = literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.template_user_id', 'False'))
|
||||||
assert template_user_id and self.exists(cr, uid, template_user_id, context=context), 'Signup: invalid template user'
|
assert template_user_id and self.exists(cr, uid, template_user_id, context=context), 'Signup: invalid template user'
|
||||||
|
|
||||||
# check that uninvited users may sign up
|
# check that uninvited users may sign up
|
||||||
if 'partner_id' not in values:
|
if 'partner_id' not in values:
|
||||||
if not safe_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
|
if not literal_eval(ir_config_parameter.get_param(cr, uid, 'auth_signup.allow_uninvited', 'False')):
|
||||||
raise SignupError('Signup is not allowed for uninvited users')
|
raise SignupError('Signup is not allowed for uninvited users')
|
||||||
|
|
||||||
assert values.get('login'), "Signup: no login given for new user"
|
assert values.get('login'), "Signup: no login given for new user"
|
||||||
|
|
Loading…
Reference in New Issue