[IMP] auth_signup: fallback to login when token is no longer valid but user exists
bzr revid: rco@openerp.com-20120928142103-3a4vbs7y3gw135qm
This commit is contained in:
parent
c74ce16117
commit
ad2d3c360f
|
@ -40,7 +40,6 @@ class Controller(openerpweb.Controller):
|
|||
with registry.cursor() as cr:
|
||||
res_partner = registry.get('res.partner')
|
||||
user_info = res_partner.signup_retrieve_info(cr, SUPERUSER_ID, token)
|
||||
user_info.update(db=dbname, token=token)
|
||||
return user_info
|
||||
|
||||
@openerpweb.httprequest
|
||||
|
|
|
@ -85,10 +85,13 @@ class res_partner(osv.Model):
|
|||
partner.write({'signup_token': token, 'signup_expiration': expiration})
|
||||
return True
|
||||
|
||||
def _signup_retrieve_partner(self, cr, uid, token, raise_exception=False, context=None):
|
||||
""" find the partner corresponding to a token, and check its validity
|
||||
def _signup_retrieve_partner(self, cr, uid, token,
|
||||
check_validity=False, raise_exception=False, context=None):
|
||||
""" find the partner corresponding to a token, and possibly check its validity
|
||||
:param token: the token to resolve
|
||||
:param check_validity: if True, also check validity
|
||||
:param raise_exception: if True, raise exception instead of returning False
|
||||
:return: partner (browse record) or False (if raise_exception is False)
|
||||
:raise: when token not valid (if raise_exception is True)
|
||||
"""
|
||||
partner_ids = self.search(cr, uid, [('signup_token', '=', token)], context=context)
|
||||
if not partner_ids:
|
||||
|
@ -96,7 +99,7 @@ class res_partner(osv.Model):
|
|||
raise Exception("Signup token '%s' is not valid" % token)
|
||||
return False
|
||||
partner = self.browse(cr, uid, partner_ids[0], context)
|
||||
if not partner.signup_valid:
|
||||
if check_validity and not partner.signup_valid:
|
||||
if raise_exception:
|
||||
raise Exception("Signup token '%s' is no longer valid" % token)
|
||||
return False
|
||||
|
@ -104,14 +107,23 @@ class res_partner(osv.Model):
|
|||
|
||||
def signup_retrieve_info(self, cr, uid, token, context=None):
|
||||
""" retrieve the user info about the token
|
||||
:return: either {'name': ..., 'login': ...} if a user exists for that token,
|
||||
or {'name': ..., 'email': ...} otherwise
|
||||
:return: a dictionary with the user information:
|
||||
- 'db': the name of the database
|
||||
- 'token': the token, if token is valid
|
||||
- 'name': the name of the partner, if token is valid
|
||||
- 'login': the user login, if the user already exists
|
||||
- 'email': the partner email, if the user does not exist
|
||||
"""
|
||||
partner = self._signup_retrieve_partner(cr, uid, token, raise_exception=True, context=None)
|
||||
res = {'db': cr.dbname}
|
||||
if partner.signup_valid:
|
||||
res['token'] = token
|
||||
res['name'] = partner.name
|
||||
if partner.user_ids:
|
||||
return {'name': partner.name, 'login': partner.user_ids[0].login}
|
||||
res['login'] = partner.user_ids[0].login
|
||||
else:
|
||||
return {'name': partner.name, 'email': partner.email or ''}
|
||||
res['email'] = partner.email or ''
|
||||
return res
|
||||
|
||||
|
||||
|
||||
|
@ -133,7 +145,8 @@ class res_users(osv.Model):
|
|||
if token:
|
||||
# signup with a token: find the corresponding partner id
|
||||
res_partner = self.pool.get('res.partner')
|
||||
partner = res_partner._signup_retrieve_partner(cr, uid, token, raise_exception=True, context=None)
|
||||
partner = res_partner._signup_retrieve_partner(cr, uid, token,
|
||||
check_validity=True, raise_exception=True, context=None)
|
||||
# invalidate signup token
|
||||
partner.write({'signup_token': False, 'signup_expiration': False})
|
||||
if partner.user_ids:
|
||||
|
|
|
@ -31,20 +31,23 @@ openerp.auth_signup = function(instance) {
|
|||
return d;
|
||||
},
|
||||
on_token_loaded: function(result) {
|
||||
// switch to signup mode
|
||||
this.$el.addClass("oe_login_signup");
|
||||
// select the right the database
|
||||
this.selected_db = result.db;
|
||||
this.on_db_loaded({db_list: [result.db]});
|
||||
// set the name and login of user
|
||||
this.$("form input[name=name]").val(result.name).attr("readonly", "readonly");
|
||||
if (result.login) {
|
||||
this.$("form input[name=login]").val(result.login).attr("readonly", "readonly");
|
||||
if (result.token) {
|
||||
// switch to signup mode, set user name and login
|
||||
this.$el.addClass("oe_login_signup");
|
||||
this.$("form input[name=name]").val(result.name).attr("readonly", "readonly");
|
||||
if (result.login) {
|
||||
this.$("form input[name=login]").val(result.login).attr("readonly", "readonly");
|
||||
} else {
|
||||
this.$("form input[name=login]").val(result.email);
|
||||
}
|
||||
} else {
|
||||
this.$("form input[name=login]").val(result.email);
|
||||
// remain in login mode, set login if present
|
||||
delete this.params.token;
|
||||
this.$("form input[name=login]").val(result.login || "");
|
||||
}
|
||||
this.$("form input[name=password]").val("");
|
||||
this.$("form input[name=confirm_password]").val("");
|
||||
},
|
||||
on_token_failed: function(result, ev) {
|
||||
if (ev) {
|
||||
|
|
Loading…
Reference in New Issue