[FIX] completely destroy the current openerp session on logout (but leave the webclient session), so other tabs using the same session get unlogged
lp bug: https://launchpad.net/bugs/925386 fixed bzr revid: xmo@openerp.com-20120210164309-lyslwm4t94a4jd7g
This commit is contained in:
parent
e0a346f0eb
commit
b79f91a0f5
|
@ -357,11 +357,13 @@ def session_context(request, storage_path, session_cookie='sessionid'):
|
|||
# session id, and are generally noise
|
||||
removed_sessions = set()
|
||||
for key, value in request.session.items():
|
||||
if (isinstance(value, session.OpenERPSession)
|
||||
and not value._uid
|
||||
and not value.jsonp_requests
|
||||
and value._creation_time + (60*5) < time.time() # FIXME do not use a fixed value
|
||||
):
|
||||
if not isinstance(value, session.OpenERPSession):
|
||||
continue
|
||||
if getattr(value, '_suicide', False) or (
|
||||
not value._uid
|
||||
and not value.jsonp_requests
|
||||
# FIXME do not use a fixed value
|
||||
and value._creation_time + (60*5) < time.time()):
|
||||
_logger.debug('remove session %s', key)
|
||||
removed_sessions.add(key)
|
||||
del request.session[key]
|
||||
|
|
|
@ -36,6 +36,7 @@ class OpenERPSession(object):
|
|||
self._uid = False
|
||||
self._login = False
|
||||
self._password = False
|
||||
self._suicide = False
|
||||
self.context = {}
|
||||
self.contexts_store = {}
|
||||
self.domains_store = {}
|
||||
|
|
|
@ -613,6 +613,10 @@ class Session(openerpweb.Controller):
|
|||
req.session.assert_valid()
|
||||
return None
|
||||
|
||||
@openerpweb.jsonrequest
|
||||
def destroy(self, req):
|
||||
req.session._suicide = True
|
||||
|
||||
def eval_context_and_domain(session, context, domain=None):
|
||||
e_context = session.eval_context(context)
|
||||
# should we give the evaluated context as an evaluation context to the domain?
|
||||
|
|
|
@ -1147,12 +1147,14 @@ openerp.web.WebClient = openerp.web.OldWidget.extend(/** @lends openerp.web.WebC
|
|||
n.warn.apply(n, arguments);
|
||||
},
|
||||
on_logout: function() {
|
||||
this.session.session_logout();
|
||||
$(window).unbind('hashchange', this.on_hashchange);
|
||||
this.do_push_state({});
|
||||
//would be cool to be able to do this, but I think it will make addons do strange things
|
||||
//this.show_login();
|
||||
window.location.reload();
|
||||
var self = this;
|
||||
this.session.session_logout().then(function () {
|
||||
$(window).unbind('hashchange', self.on_hashchange);
|
||||
self.do_push_state({});
|
||||
//would be cool to be able to do this, but I think it will make addons do strange things
|
||||
//this.show_login();
|
||||
window.location.reload();
|
||||
});
|
||||
},
|
||||
bind_hashchange: function() {
|
||||
$(window).bind('hashchange', this.on_hashchange);
|
||||
|
|
|
@ -674,6 +674,7 @@ openerp.web.Connection = openerp.web.CallbackEnabled.extend( /** @lends openerp.
|
|||
},
|
||||
session_logout: function() {
|
||||
this.set_cookie('session_id', '');
|
||||
return this.rpc("/web/session/destroy", {});
|
||||
},
|
||||
on_session_valid: function() {
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue