odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[IMP] http.py: Make it possible to implement a new authentication method for the routes 

bzr revid: nicolas.vanhoren@openerp.com-20130801113136-5fg9hyrptjckhtkm
This commit is contained in:
niv-openerp 2013-08-01 13:31:36 +02:00
parent adfe3e7ec9
commit f3d634a278
1 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
addons/web/http.py
View File

@ -124,17 +124,7 @@ class WebRequest(object):
except SessionExpiredException, e:
self.session.logout()
raise SessionExpiredException("Session expired for request %s" % self.httprequest)
if self.auth_method == "none":
self.disable_db = True
self.uid = None
elif self.auth_method == "admin":
self.disable_db = False
if not self.db:
raise SessionExpiredException("No valid database for request %s" % self.httprequest)
self.uid = openerp.SUPERUSER_ID
else: # auth
self.disable_db = False
self.uid = self.session.uid
auth_methods[self.auth_method]()
@property
def registry(self):
"""
@ -187,6 +177,24 @@ class WebRequest(object):
self.disable_db = True
self.uid = None
def auth_method_user():
request.uid = request.session.uid
def auth_method_admin():
if not request.db:
raise SessionExpiredException("No valid database for request %s" % request.httprequest)
request.uid = openerp.SUPERUSER_ID
def auth_method_none():
request.disable_db = True
request.uid = None
auth_methods = {
"user": auth_method_user,
"admin": auth_method_admin,
"none": auth_method_none,
}
def route(route, type="http", auth="user"):
"""
Decorator marking the decorated method as being a handler for requests. The method must be part of a subclass
@ -206,7 +214,7 @@ def route(route, type="http", auth="user"):
configuration indicating the current database nor the current user.
"""
assert type in ["http", "json"]
assert auth in ["user", "admin", "none"]
assert auth in auth_methods.keys()
def decorator(f):
if isinstance(route, list):
f.routes = route