odoo/addons/auth_signup/controllers/main.py

# -*- coding: utf-8 -*-
##############################################################################
#
#    OpenERP, Open Source Management Solution
#    Copyright (C) 2012-today OpenERP SA (<http://www.openerp.com>)
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU Affero General Public License as
#    published by the Free Software Foundation, either version 3 of the
#    License, or (at your option) any later version
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU Affero General Public License for more details
#
#    You should have received a copy of the GNU Affero General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>
#
##############################################################################
import logging

import openerp
import openerp.addons.web.controllers.main as webmain
from openerp.addons.auth_signup.res_users import SignupError
from openerp import http
from openerp.http import request, LazyResponse
from openerp.tools.translate import _
from openerp.tools import exception_to_unicode

_logger = logging.getLogger(__name__)

class AuthSignup(openerp.addons.web.controllers.main.Home):

    @http.route()
    def web_login(self, *args, **kw):
        mode = request.params.get('mode')
        qcontext = request.params.copy()
        super_response = None
        if request.httprequest.method != 'POST' or mode not in ('reset', 'signup'):
            # Default behavior is to try to login,  which in reset or signup mode in a non-sense.
            super_response = super(AuthSignup, self).web_login(*args, **kw)
        response = webmain.render_bootstrap_template(request.session.db, 'auth_signup.signup', qcontext, lazy=True)
        if isinstance(super_response, LazyResponse):
            response.params['values'].update(super_response.params['values'])
        token = qcontext.get('token', None)
        token_infos = None
        if token:
            try:
                # retrieve the user info (name, login or email) corresponding to a signup token
                res_partner = request.registry.get('res.partner')
                token_infos = res_partner.signup_retrieve_info(request.cr, openerp.SUPERUSER_ID, token)
                for k, v in token_infos.items():
                    qcontext.setdefault(k, v)
            except:
                qcontext['error'] = _("Invalid signup token")
                response.params['template'] = 'web.login'
                return response

        # retrieve the module config (which features are enabled) for the login page
        icp = request.registry.get('ir.config_parameter')
        config = {
            'signup': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.allow_uninvited') == 'True',
            'reset': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.reset_password') == 'True',
        }
        qcontext.update(config)

        if 'error' in request.params or mode not in ('reset', 'signup') or (not token and not config[mode]):
            if isinstance(super_response, LazyResponse):
                super_response.params['values'].update(config)
            return super_response

        if request.httprequest.method == 'GET':
            if token_infos:
                qcontext.update(token_infos)
        else:
            res_users = request.registry.get('res.users')
            login = request.params.get('login')
            if mode == 'reset' and not token:
                try:
                    res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login)
                    qcontext['message'] = _("An email has been sent with credentials to reset your password")
                    response.params['template'] = 'web.login'
                except Exception, e:
                    qcontext['error'] = exception_to_unicode(e) or _("Could not reset your password")
                    _logger.exception('error when resetting password')
            else:
                values = dict((key, qcontext.get(key)) for key in ('login', 'name', 'password'))
                try:
                    self._signup_with_values(token, values)
                    redirect = request.params.get('redirect')
                    if not redirect:
                        redirect = '/web?' + request.httprequest.query_string
                    return http.redirect_with_hash(redirect)
                except SignupError, e:
                    qcontext['error'] = exception_to_unicode(e)

        return response

    def _signup_with_values(self, token, values):
        db, login, password = request.registry['res.users'].signup(request.cr, openerp.SUPERUSER_ID, values, token)
        request.cr.commit()     # as authenticate will use its own cursor we need to commit the current transaction
        uid = request.session.authenticate(db, login, password)
        if not uid:
            raise SignupError(_('Authentification Failed.'))


# vim:expandtab:tabstop=4:softtabstop=4:shiftwidth=4:
[IMP] auth_signup: extend the login form to allow signups bzr revid: rco@openerp.com-20120925104013-f2vfqcjknx7zyo26 2012-09-25 10:40:13 +00:00			`# -- coding: utf-8 --`
			`##############################################################################`
			`#`
			`# OpenERP, Open Source Management Solution`
			`# Copyright (C) 2012-today OpenERP SA (<http://www.openerp.com>)`
			`#`
			`# This program is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Affero General Public License as`
			`# published by the Free Software Foundation, either version 3 of the`
			`# License, or (at your option) any later version`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>`
			`#`
			`##############################################################################`
[IMP] remove standalone web client, fix imports bzr revid: al@openerp.com-20121010204617-ah29rz616xo7i2dr 2012-10-10 20:46:17 +00:00			`import logging`

			`import openerp`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`import openerp.addons.web.controllers.main as webmain`
[FIX] auth_signup: +s bzr revid: chs@openerp.com-20140128142132-skzuuzmkhvsl1sgz 2014-01-28 14:21:32 +00:00			`from openerp.addons.auth_signup.res_users import SignupError`
import cleanups part1 bzr revid: al@openerp.com-20131022170659-kg9err029ha22evh 2013-10-22 17:06:59 +00:00			`from openerp import http`
[WIP] auth_signup bzr revid: fme@openerp.com-20140117141806-r6f1dejdcg7ii1e0 2014-01-17 14:18:06 +00:00			`from openerp.http import request, LazyResponse`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`from openerp.tools.translate import _`
[IMP] auth_signup: allow overwrite of signup page bzr revid: chs@openerp.com-20140128135507-uvzpqqjzik2inyu3 2014-01-28 13:55:07 +00:00			`from openerp.tools import exception_to_unicode`
sign up with controller bzr revid: al@openerp.com-20120812170603-mnp54q5xn9htg6vj 2012-08-12 17:06:03 +00:00
			`_logger = logging.getLogger(__name__)`

[IMP] Cosmetic change for easier debugging bzr revid: fme@openerp.com-20140203122300-pduwmt5z5cprehey 2014-02-03 12:23:00 +00:00			`class AuthSignup(openerp.addons.web.controllers.main.Home):`
[WIP] auth_signup bzr revid: fme@openerp.com-20140117141806-r6f1dejdcg7ii1e0 2014-01-17 14:18:06 +00:00
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`@http.route()`
[WIP] auth_signup bzr revid: fme@openerp.com-20140117141806-r6f1dejdcg7ii1e0 2014-01-17 14:18:06 +00:00			`def web_login(self, args, *kw):`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`mode = request.params.get('mode')`
			`qcontext = request.params.copy()`
[FIX] auth_signup: fix route when mode signup or reset Do not call super web_login when in mode reset or signup mode, as this is non-sense. bzr revid: odo@openerp.com-20140219110335-lz7ti2r1dxst36ty 2014-02-19 11:03:35 +00:00			`super_response = None`
			`if request.httprequest.method != 'POST' or mode not in ('reset', 'signup'):`
			`# Default behavior is to try to login, which in reset or signup mode in a non-sense.`
			`super_response = super(AuthSignup, self).web_login(args, *kw)`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`response = webmain.render_bootstrap_template(request.session.db, 'auth_signup.signup', qcontext, lazy=True)`
dirty fix for auth_signup bzr revid: al@openerp.com-20140208004731-atwco93ghwspmlh3 2014-02-08 00:47:31 +00:00			`if isinstance(super_response, LazyResponse):`
			`response.params['values'].update(super_response.params['values'])`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`token = qcontext.get('token', None)`
			`token_infos = None`
			`if token:`
			`try:`
			`# retrieve the user info (name, login or email) corresponding to a signup token`
			`res_partner = request.registry.get('res.partner')`
			`token_infos = res_partner.signup_retrieve_info(request.cr, openerp.SUPERUSER_ID, token)`
			`for k, v in token_infos.items():`
			`qcontext.setdefault(k, v)`
			`except:`
			`qcontext['error'] = _("Invalid signup token")`
			`response.params['template'] = 'web.login'`
			`return response`
[WIP] auth_signup bzr revid: fme@openerp.com-20140117141806-r6f1dejdcg7ii1e0 2014-01-17 14:18:06 +00:00
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`# retrieve the module config (which features are enabled) for the login page`
			`icp = request.registry.get('ir.config_parameter')`
			`config = {`
			`'signup': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.allow_uninvited') == 'True',`
			`'reset': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.reset_password') == 'True',`
			`}`
			`qcontext.update(config)`
[IMP] auth_signup: extend the login form to allow signups bzr revid: rco@openerp.com-20120925104013-f2vfqcjknx7zyo26 2012-09-25 10:40:13 +00:00
[FIX] auth_signup: when POSTing signup data, there is always an error in qcontext as default behaviour is trying to login with data (error injected by super() call) bzr revid: chs@openerp.com-20140211140255-mv84m6fb0sqkflm5 2014-02-11 14:02:55 +00:00			`if 'error' in request.params or mode not in ('reset', 'signup') or (not token and not config[mode]):`
dirty fix for auth_signup bzr revid: al@openerp.com-20140208004731-atwco93ghwspmlh3 2014-02-08 00:47:31 +00:00			`if isinstance(super_response, LazyResponse):`
			`super_response.params['values'].update(config)`
			`return super_response`
[IMP] auth_signup: split controller method to allow overridding bzr revid: rco@openerp.com-20121123160048-vaeiyeok9x430dku 2012-11-23 16:00:48 +00:00
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`if request.httprequest.method == 'GET':`
			`if token_infos:`
			`qcontext.update(token_infos)`
			`else:`
			`res_users = request.registry.get('res.users')`
			`login = request.params.get('login')`
			`if mode == 'reset' and not token:`
			`try:`
			`res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login)`
			`qcontext['message'] = _("An email has been sent with credentials to reset your password")`
			`response.params['template'] = 'web.login'`
[FIX] auth_signup: fix route when mode signup or reset Do not call super web_login when in mode reset or signup mode, as this is non-sense. bzr revid: odo@openerp.com-20140219110335-lz7ti2r1dxst36ty 2014-02-19 11:03:35 +00:00			`except Exception, e:`
			`qcontext['error'] = exception_to_unicode(e) or _("Could not reset your password")`
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`_logger.exception('error when resetting password')`
			`else:`
[CHG] python 2.6 compat' bzr revid: xmo@openerp.com-20140122161727-0inchgb570e1r7pi 2014-01-22 16:17:27 +00:00			`values = dict((key, qcontext.get(key)) for key in ('login', 'name', 'password'))`
[IMP] auth_signup: allow overwrite of signup page bzr revid: chs@openerp.com-20140128135507-uvzpqqjzik2inyu3 2014-01-28 13:55:07 +00:00			`try:`
			`self._signup_with_values(token, values)`
[FIX] auth_signup: do not shadow errors bzr revid: chs@openerp.com-20140211132901-o7e8cup1hlc6mxzf 2014-02-11 13:29:01 +00:00			`redirect = request.params.get('redirect')`
			`if not redirect:`
			`redirect = '/web?' + request.httprequest.query_string`
			`return http.redirect_with_hash(redirect)`
[IMP] auth_signup: allow overwrite of signup page bzr revid: chs@openerp.com-20140128135507-uvzpqqjzik2inyu3 2014-01-28 13:55:07 +00:00			`except SignupError, e:`
			`qcontext['error'] = exception_to_unicode(e)`
sign up with controller bzr revid: al@openerp.com-20120812170603-mnp54q5xn9htg6vj 2012-08-12 17:06:03 +00:00
[IMP] auth_signup converted to server side module bzr revid: fme@openerp.com-20140121152027-7wch4r7dt2ew0did 2014-01-21 15:20:27 +00:00			`return response`
[ADD] auth_signup: merge in functionality of auth_reset_password bzr revid: rco@openerp.com-20121203144424-39wrr5z78smswox2 2012-12-03 14:44:24 +00:00
[IMP] auth_signup: allow overwrite of signup page bzr revid: chs@openerp.com-20140128135507-uvzpqqjzik2inyu3 2014-01-28 13:55:07 +00:00			`def _signup_with_values(self, token, values):`
[FIX] auth_signup: do not shadow errors bzr revid: chs@openerp.com-20140211132901-o7e8cup1hlc6mxzf 2014-02-11 13:29:01 +00:00			`db, login, password = request.registry['res.users'].signup(request.cr, openerp.SUPERUSER_ID, values, token)`
[FIX] auth_signup: correct authentification after successfull signup bzr revid: chs@openerp.com-20140213190845-azch00bppzp1pk0d 2014-02-13 19:08:45 +00:00			`request.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction`
[FIX] auth_signup: do not shadow errors bzr revid: chs@openerp.com-20140211132901-o7e8cup1hlc6mxzf 2014-02-11 13:29:01 +00:00			`uid = request.session.authenticate(db, login, password)`
[FIX] auth_signup: correct authentification after successfull signup bzr revid: chs@openerp.com-20140213190845-azch00bppzp1pk0d 2014-02-13 19:08:45 +00:00			`if not uid:`
[FIX] auth_signup: do not shadow errors bzr revid: chs@openerp.com-20140211132901-o7e8cup1hlc6mxzf 2014-02-11 13:29:01 +00:00			`raise SignupError(_('Authentification Failed.'))`
[IMP] auth_signup: allow overwrite of signup page bzr revid: chs@openerp.com-20140128135507-uvzpqqjzik2inyu3 2014-01-28 13:55:07 +00:00

sign up with controller bzr revid: al@openerp.com-20120812170603-mnp54q5xn9htg6vj 2012-08-12 17:06:03 +00:00			`# vim:expandtab:tabstop=4:softtabstop=4:shiftwidth=4:`