
  1. # -*- coding: utf-8 -*-
  2. import json
  3. import odoo
  4. from odoo import http
  5. from odoo.http import request
  6. from odoo.tools.translate import _
  7. from odoo.addons.web.controllers.utils import is_user_internal,ensure_db
# Allow-list of request parameter names for the unlock flow.
# NOTE(review): the list includes "password" and "confirm_password", so any
# dict filtered through it can carry credentials. Do not echo such a dict
# back in a response or write it to logs.
UNLOCK_REQUEST_PARAMS = set(
    """
    db login debug token message error scope mode
    redirect redirect_hostname
    email name partner_id password confirm_password
    city country_id lang signup_email
    """.split()
)
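class WebLock(http.Controller):
    """Lock-screen endpoints: lock the session, render the lock page, unlock.

    The storage mode is read from
    ``session_info()["lock_screen_state_storage_mode"]``. In mode 1 the locked
    state is checked in the HTTP session; in mode 2 it is checked on the
    ``lock_screen`` field of ``res.users``.
    """

    @http.route("/web/lockscreen", type="json", auth="user", website=True)
    def lockscreen(self, uid, lock_screen_info):
        """Mark the current session (and, in mode 2, the current user) as locked.

        Args:
            uid: User id sent by the client. Kept so existing callers keep
                working, but it is not trusted: the record that gets locked is
                always the user who owns this session.
            lock_screen_info: Mapping with the client's location parts
                (``href``, ``host``, ``pathname``, ``search``, ``hash``).

        Returns:
            dict: ``state`` True plus ``storage_mode`` and
            ``lock_screen_state`` on success; ``state`` False and ``msg`` with
            the error text on failure.
        """
        session_info = request.env["ir.http"].session_info()
        storage_mode = session_info["lock_screen_state_storage_mode"]
        try:
            lock = {
                # Taken from the session, not from the request body: a
                # client-chosen id combined with sudo() would let any logged-in
                # user set the lock flag on another account.
                "uid": request.session.uid,
                "href": lock_screen_info["href"],
                "host": lock_screen_info["host"],
                "pathname": lock_screen_info["pathname"],
                "search": lock_screen_info["search"],
                "hash": lock_screen_info["hash"],
                "state": True,
            }
            if storage_mode == 2:
                # sudo() is limited to the session user's own record.
                request.env.user.sudo().write({"lock_screen": True})
            # The JSON round-trip stores a plain copy and rejects values that
            # the session could not serialize.
            request.session["lock_screen_session_info"] = json.loads(json.dumps(lock))
            request.session.modified = True  # mark the session as modified
        except Exception as e:
            # NOTE(review): str(e) is returned to the client as before; consider
            # logging it server-side and returning a generic message instead.
            return {"state": False, "msg": str(e)}
        return {
            "state": True,
            "msg": "",
            "storage_mode": storage_mode,
            "lock_screen_state": True,
        }

    def _prepare_lock_layout_values(self):
        """Return the base rendering values: the current user as ``lock_user``."""
        return {
            "lock_user": request.env.user,
        }

    def _redirect_after_unlock(self, lock_info):
        """Redirect to the location saved at lock time, or to ``/web``."""
        href = lock_info.get("href")
        if href:
            # href was supplied by the client when the screen was locked.
            # request.redirect() is called with its default local=True, which
            # keeps the target on this host; do not pass local=False here.
            return request.redirect(href)
        return request.redirect_query("/web", "")

    @http.route(
        "/web/lock",
        type="http",
        auth="user",
        website=True,
    )
    def lock_client(self, **kw):
        """Render the lock screen, or redirect away when nothing is locked.

        A session without ``lock_screen_session_info`` is treated as not
        locked, so the page can be opened directly without raising.
        """
        lock_info = request.session.get("lock_screen_session_info") or {}
        session_locked = lock_info.get("state", False)

        values = self._prepare_lock_layout_values()
        if lock_info:
            request.session.modified = True  # mark the session as modified
            values.update(**lock_info)

        session_info = request.env["ir.http"].session_info()
        storage_mode = session_info["lock_screen_state_storage_mode"]
        lock_screen = request.env["res.users"].browse(request.session.uid).lock_screen

        # Mode 2: the flag on the user record decides.
        user_unlocked = (
            request.session.uid
            and is_user_internal(request.session.uid)
            and not lock_screen
            and storage_mode == 2
        )
        # Mode 1: the state kept in the session decides.
        if user_unlocked or (storage_mode == 1 and not session_locked):
            return self._redirect_after_unlock(lock_info)

        response = request.render("oec_theme_backend.lock", values)
        # Only same-origin pages may frame the lock screen.
        response.headers["X-Frame-Options"] = "SAMEORIGIN"
        response.headers["Content-Security-Policy"] = "frame-ancestors 'self'"
        return response

    @http.route(
        "/web/unlock",
        type="json",
        auth="user",
        website=True,
        methods=["POST", "GET"],
    )
    def web_unlock(self):
        """Re-authenticate the session user and clear the locked state.

        Returns:
            dict: The lock layout values merged with the saved lock
            information and ``storage_mode``, plus ``message`` on success or
            ``error`` on failure. Request parameters are not copied into the
            result, so the submitted password is never sent back.
        """
        ensure_db()
        session_info = request.env["ir.http"].session_info()
        storage_mode = session_info["lock_screen_state_storage_mode"]
        lock_info = request.session.get("lock_screen_session_info") or {}

        values = self._prepare_lock_layout_values()
        values.update(**lock_info, storage_mode=storage_mode)

        if request.httprequest.method == "POST":
            try:
                # The login is client-supplied. Unlocking must re-authenticate
                # the user who owns this session, not sign the session in as a
                # different account. A mismatch is reported like a bad password.
                if request.params["login"] != request.env.user.login:
                    raise odoo.exceptions.AccessDenied()
                uid = request.session.authenticate(
                    request.db, request.params["login"], request.params["password"]
                )
                values["message"] = _("The password is correct, unlocking...")
                if storage_mode == 1:
                    # NOTE(review): this only changes the local dict built
                    # above; confirm whether anything reads it afterwards.
                    session_info["lock_screen_state"] = False
                if storage_mode == 2:
                    request.env["res.users"].sudo().browse(uid).write(
                        {"lock_screen": False}
                    )
                saved_lock = request.session.get("lock_screen_session_info")
                if saved_lock is not None:
                    saved_lock["state"] = False
                    request.session.modified = True  # mark the session as modified
            except odoo.exceptions.AccessDenied as e:
                if e.args == odoo.exceptions.AccessDenied().args:
                    values["error"] = _("Wrong password")
                else:
                    values["error"] = e.args[0]
        else:
            if "error" in request.params and request.params.get("error") == "access":
                values["error"] = _(
                    "Only employees can access this database. Please contact the administrator."
                )
        return values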