[FIX] res_user check method partial fix.
bzr revid: vta@openerp.com-20120814063413-kymp5dq5sbz2iih8
parent
661b4e0786
commit
acd84e72c6
|
@ -2,6 +2,7 @@ import logging
|
|||
import urllib2
|
||||
|
||||
import werkzeug.urls
|
||||
import werkzeug.utils
|
||||
|
||||
import openerp.modules.registry
|
||||
import openerp.addons.web.controllers.main
|
||||
|
@ -22,10 +23,14 @@ class OAuthController(openerpweb.Controller):
|
|||
u = registry.get('res.users')
|
||||
r = u.auth_oauth(cr, 1, kw)
|
||||
cr.commit()
|
||||
# return openerp.addons.web.controllers.main.login_and_redirect(req, *r)
|
||||
# or
|
||||
# req.authenticate(*r)
|
||||
# url = "/"
|
||||
# tmp = openerp.addons.web.controllers.main.login_and_redirect(req, cr, *r)
|
||||
# req.session.authenticate(db, login, key, {})
|
||||
# redirect = werkzeug.utils.redirect("http://localhost:8069/", 303)
|
||||
# redirect.autocorrect_location_header = False
|
||||
# cookie_val = urllib2.quote(simplejson.dumps(req.session_id))
|
||||
# redirect.set_cookie('instance0|session_id', cookie_val)
|
||||
print r
|
||||
return openerp.addons.web.controllers.main.login_and_redirect(req, *r)
|
||||
except AttributeError:
|
||||
# auth_signup is not installed
|
||||
url = "/#action=auth_signup&error=1"
|
||||
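Review bot: `print r` in the OAuth callback writes the whole `(dbname, login, oauth_uid)` tuple to stdout, and its third element is the value handed to `login_and_redirect` as the password, so the login credential lands in whatever captures the server's output. The page does not show which of these lines are new, but if the statement is part of this change it should be dropped or reduced to the login only, e.g. `logging.getLogger(__name__).debug("oauth signin for %s", r[1])`. The run of commented-out experiments above it (including the hard-coded `http://localhost:8069/` redirect) reads as debugging residue and would be better removed than committed. The enclosing controller method starts and ends outside this hunk, so the full `try` body that `except AttributeError` covers is not visible here.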
|
|
|
@ -9,35 +9,14 @@ class res_users(osv.Model):
|
|||
|
||||
_inherit = 'res.users'
|
||||
|
||||
def auth_oauth(self, cr, uid, params, context=None):
|
||||
# Advice by Google (to avoid Confused Deputy Problem)
|
||||
# if validation.audience != OUR_CLIENT_ID:
|
||||
# abort()
|
||||
# else:
|
||||
# continue with the process
|
||||
login = self.auth_oauth_fetch_user_validation(cr, uid, params)['email']
|
||||
password = self.auth_oauth_fetch_user_validation(cr, uid, params)['user_id']
|
||||
name = self.auth_oauth_fetch_user_data(cr, uid, params)['name']
|
||||
r = (cr.dbname, login, password)
|
||||
try:
|
||||
# check for existing user
|
||||
if not self.auth_signup_check(cr, uid, login, password):
|
||||
# new user
|
||||
new_user = {
|
||||
'name': name,
|
||||
'login': login,
|
||||
'user_email': login,
|
||||
'password': password,
|
||||
'active': True,
|
||||
}
|
||||
self.auth_signup_create(cr, uid, new_user)
|
||||
return r
|
||||
else:
|
||||
# already existing with same password
|
||||
return r
|
||||
except openerp.exceptions.AccessDenied:
|
||||
# already existing with diffrent password
|
||||
raise
|
||||
_columns = {
|
||||
'oauth_provider': fields.char('OAuth Provider', size=1024),
|
||||
'oauth_uid': fields.char('OAuth User ID', size=256,
|
||||
help="Used for disambiguation in case of a shared OpenID URL"),
|
||||
'oauth_access_token': fields.char('OAuth Token',
|
||||
readonly=True),
|
||||
}
|
||||
|
||||
def auth_oauth_rpc(self, cr, uid, endpoint, params, context=None):
|
||||
url = endpoint + params.get('access_token')
|
||||
f = urllib2.urlopen(url)
|
||||
|
@ -52,4 +31,59 @@ class res_users(osv.Model):
|
|||
endpoint = 'https://www.googleapis.com/oauth2/v1/userinfo?access_token='
|
||||
return self.auth_oauth_rpc(cr, uid, endpoint, params)
|
||||
|
||||
def auth_oauth(self, cr, uid, params, context=None):
|
||||
# Advice by Google (to avoid Confused Deputy Problem)
|
||||
# if validation.audience != OUR_CLIENT_ID:
|
||||
# abort()
|
||||
# else:
|
||||
# continue with the process
|
||||
validation = self.auth_oauth_fetch_user_validation(cr, uid, params)
|
||||
login = validation['email']
|
||||
oauth_uid = validation['user_id']
|
||||
name = self.auth_oauth_fetch_user_data(cr, uid, params)['name']
|
||||
r = (cr.dbname, login, oauth_uid)
|
||||
try:
|
||||
# check for existing user
|
||||
if not self.auth_signup_check(cr, uid, login, oauth_uid):
|
||||
# new user
|
||||
new_user = {
|
||||
'name': name,
|
||||
'login': login,
|
||||
'user_email': login,
|
||||
'oauth_provider': 'Google',
|
||||
'oauth_uid': oauth_uid,
|
||||
'oauth_access_token': params.get('access_token'),
|
||||
'active': True,
|
||||
}
|
||||
self.auth_signup_create(cr, uid, new_user)
|
||||
return r
|
||||
else:
|
||||
# already existing with same password
|
||||
return r
|
||||
except openerp.exceptions.AccessDenied:
|
||||
# already existing with diffrent password
|
||||
raise
|
||||
|
||||
def check(self, db, uid, passwd):
|
||||
try:
|
||||
return super(res_users, self).check(db, uid, passwd)
|
||||
except openerp.exceptions.AccesDenied:
|
||||
if not passwd:
|
||||
raise
|
||||
try:
|
||||
registry = openerp.modules.registry.RegistryManager.get(db)
|
||||
cr = registry.db.cursor()
|
||||
cr.execute('''SELECT COUNT(1)
|
||||
FROM res_users
|
||||
WHERE id=%s
|
||||
AND oauth_key=%s
|
||||
AND active=%s''',
|
||||
(int(uid), passwd, True))
|
||||
if not cr.fetchone()[0]:
|
||||
raise
|
||||
self._uid_cache.setdefault(db, {})[uid] = passwd
|
||||
finally:
|
||||
cr.close()
|
||||
|
||||
|
||||
#
|
||||
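Review bot: The relocated `auth_oauth` still leaves the audience comparison as a comment, so the token-validation response in `validation` is trusted without confirming that the token was issued to this application. Before reading `validation['email']` it should fail closed, e.g. `if validation.get('audience') != OUR_CLIENT_ID: raise openerp.exceptions.AccessDenied()` (`OUR_CLIENT_ID` is the placeholder from the existing comment; where the real client id is configured is not visible here). The tuple `r` then carries `oauth_uid` as the login secret, and a provider user id is an identifier rather than a secret, so the value `check` compares should be something unguessable. In `check`, `openerp.exceptions.AccesDenied` is misspelled (the handler at the end of `auth_oauth` uses `AccessDenied`), so the fallback would raise AttributeError instead of running, and the query filters on `oauth_key` while `_columns` in this file declares only `oauth_provider`, `oauth_uid` and `oauth_access_token`. `cr` is also unbound in the `finally` clause if `RegistryManager.get(db)` or `cursor()` fails, which would mask the original error.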
|
|
File diff suppressed because one or more lines are too long