中国本土应用
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

196 行
6.4KB

  1. # -*- coding: utf-8 -*-
  2. import json
  3. import odoo
  4. from odoo import http
  5. from odoo.http import request
  6. from odoo.tools.translate import _
  7. from odoo.addons.web.controllers.utils import is_user_internal, ensure_db
  8. UNLOCK_REQUEST_PARAMS = {
  9. "db",
  10. "login",
  11. "debug",
  12. "token",
  13. "message",
  14. "error",
  15. "scope",
  16. "mode",
  17. "redirect",
  18. "redirect_hostname",
  19. "email",
  20. "name",
  21. "partner_id",
  22. "password",
  23. "confirm_password",
  24. "city",
  25. "country_id",
  26. "lang",
  27. "signup_email",
  28. }
  29. class WebLock(http.Controller):
  30. @http.route(
  31. "/web/lockscreen",
  32. type="json",
  33. auth="user",
  34. website=True,
  35. )
  36. def lockscreen(self, uid, lock_screen_info):
  37. result = {}
  38. session_info = request.env["ir.http"].session_info()
  39. frontend_session_info = request.env["ir.http"].get_frontend_session_info()
  40. storage_mode = session_info["lock_screen_state_storage_mode"]
  41. lock = {
  42. "uid": uid,
  43. "href": lock_screen_info["href"],
  44. "host": lock_screen_info["host"],
  45. "pathname": lock_screen_info["pathname"],
  46. "search": lock_screen_info["search"],
  47. "hash": lock_screen_info["hash"],
  48. }
  49. # if "lock" in lock_screen_info:
  50. # lock["lock"] = lock_screen_info["lock"]
  51. try:
  52. # if storage_mode ==1:
  53. # session_info.update({"lock_screen_state": True})
  54. # frontend_session_info.update({"lock_screen_state": True})
  55. if storage_mode == 2:
  56. user = self.env["res.users"].sudo().search([("id", "=", uid)], limit=1)
  57. except Exception as e:
  58. result.update(
  59. {
  60. "state": False,
  61. "msg": str(e),
  62. }
  63. )
  64. return {
  65. "state": False,
  66. }
  67. else:
  68. if storage_mode == 2:
  69. user.write({"lock_screen": True})
  70. lock["state"] = True # 更新 lock_screen_session_info["state"] 为 True
  71. request.session["lock_screen_session_info"] = json.loads(json.dumps(lock))
  72. request.session.modified = True # 标记session已修改
  73. result.update(
  74. {
  75. "state": True,
  76. "msg": "",
  77. "storage_mode": storage_mode,
  78. "lock_screen_state": True,
  79. }
  80. )
  81. finally:
  82. return result
  83. def _prepare_lock_layout_values(self):
  84. lock_user_sudo = request.env.user
  85. # partner_sudo = request.env.user.partner_id
  86. return {
  87. "lock_user": lock_user_sudo,
  88. }
  89. @http.route(
  90. "/web/lock",
  91. type="http",
  92. auth="user",
  93. website=True,
  94. )
  95. def lock_client(self, **kw):
  96. """
  97. 锁屏
  98. """
  99. if "lock_screen_session_info" in request.session:
  100. lock_screen_session_info = request.session["lock_screen_session_info"]
  101. lock_screen_state = lock_screen_session_info["state"]
  102. values = self._prepare_lock_layout_values()
  103. if "lock_screen_session_info" in request.session:
  104. lock_screen_session_info = request.session["lock_screen_session_info"]
  105. request.session.modified = True # 标记session已修改
  106. values.update(**lock_screen_session_info)
  107. session_info = request.env["ir.http"].session_info()
  108. # print(session_info)
  109. storage_mode = session_info["lock_screen_state_storage_mode"]
  110. lock_screen = request.env["res.users"].browse(request.session.uid).lock_screen
  111. if (
  112. request.session.uid
  113. and is_user_internal(request.session.uid)
  114. and not lock_screen
  115. and storage_mode == 2
  116. ):
  117. if lock_screen_session_info["href"]:
  118. return request.redirect(lock_screen_session_info["href"])
  119. else:
  120. return request.redirect_query("/web", "")
  121. if storage_mode == 1:
  122. if not lock_screen_state:
  123. if lock_screen_session_info["href"]:
  124. return request.redirect(lock_screen_session_info["href"])
  125. else:
  126. return request.redirect_query("/web", "")
  127. response = request.render("oec_theme_backend.lock", values)
  128. response.headers["X-Frame-Options"] = "SAMEORIGIN"
  129. response.headers["Content-Security-Policy"] = "frame-ancestors 'self'"
  130. return response
  131. @http.route(
  132. "/web/unlock",
  133. type="json",
  134. auth="user",
  135. website=True,
  136. methods=["POST", "GET"],
  137. )
  138. def web_unlock(self):
  139. """
  140. 解锁
  141. """
  142. ensure_db()
  143. session_info = request.env["ir.http"].session_info()
  144. storage_mode = session_info["lock_screen_state_storage_mode"]
  145. lock_screen_session_info = request.session["lock_screen_session_info"]
  146. values = {k: v for k, v in request.params.items() if k in UNLOCK_REQUEST_PARAMS}
  147. values = self._prepare_lock_layout_values()
  148. values.update(**lock_screen_session_info, storage_mode=storage_mode)
  149. if request.httprequest.method == "POST":
  150. try:
  151. uid = request.session.authenticate(
  152. request.db, request.params["login"], request.params["password"]
  153. )
  154. values["message"] = _("The password is correct, unlocking...")
  155. if storage_mode == 1:
  156. session_info["lock_screen_state"] = False
  157. if storage_mode == 2:
  158. user = (
  159. request.env["res.users"]
  160. .sudo()
  161. .search([("id", "=", uid)], limit=1)
  162. )
  163. user.write({"lock_screen": False})
  164. request.session["lock_screen_session_info"]["state"] = False
  165. request.session.modified = True # 标记session已修改
  166. except odoo.exceptions.AccessDenied as e:
  167. if e.args == odoo.exceptions.AccessDenied().args:
  168. values["error"] = _("Wrong password")
  169. else:
  170. values["error"] = e.args[0]
  171. else:
  172. if "error" in request.params and request.params.get("error") == "access":
  173. values["error"] = _(
  174. "Only employees can access this database. Please contact the administrator."
  175. )
  176. return values
上海开阖软件有限公司 沪ICP备12045867号-1