first push message
This commit is contained in:
@@ -0,0 +1,2 @@
|
||||
from . import controllers
|
||||
from . import models
|
||||
@@ -0,0 +1,33 @@
|
||||
{
|
||||
'name': "auth_oauth_company_website",
|
||||
|
||||
'summary': "Short (1 phrase/line) summary of the module's purpose",
|
||||
|
||||
'description': """
|
||||
Long description of module's purpose
|
||||
""",
|
||||
|
||||
'author': "My Company",
|
||||
'website': "https://www.yourcompany.com",
|
||||
|
||||
# Categories can be used to filter modules in modules listing
|
||||
# Check https://github.com/odoo/odoo/blob/15.0/odoo/addons/base/data/ir_module_category_data.xml
|
||||
# for the full list
|
||||
'category': 'Uncategorized',
|
||||
'version': '0.1',
|
||||
|
||||
# any module necessary for this one to work correctly
|
||||
'depends': ['auth_oauth', 'website'],
|
||||
|
||||
# always loaded
|
||||
'data': [
|
||||
# 'security/ir.model.access.csv',
|
||||
'views/views.xml',
|
||||
'views/templates.xml',
|
||||
],
|
||||
# only loaded in demonstration mode
|
||||
'demo': [
|
||||
'demo/demo.xml',
|
||||
],
|
||||
}
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
from . import controllers
|
||||
Binary file not shown.
Binary file not shown.
@@ -0,0 +1,43 @@
|
||||
from odoo import http
|
||||
from odoo.addons.auth_oauth.controllers.main import OAuthLogin
|
||||
from odoo.http import request
|
||||
|
||||
|
||||
class CustomOAuthLogin(OAuthLogin):
|
||||
|
||||
def list_providers(self):
|
||||
"""
|
||||
Override the standard list_providers to filter by current website.
|
||||
SECURITY FIX: Use sudo() to read provider config as public users
|
||||
do not have read access to auth.oauth.provider model.
|
||||
"""
|
||||
# Get the original list from super()
|
||||
providers = super().list_providers()
|
||||
|
||||
# Get the current website from the request context
|
||||
current_website = request.website
|
||||
|
||||
# If we are in a website context, filter the providers
|
||||
if current_website and current_website.id:
|
||||
filtered_providers = []
|
||||
for provider in providers:
|
||||
# SECURITY: Use sudo() to avoid AccessError for public users
|
||||
# We search by client_id because the list_providers returns dicts with client_id
|
||||
provider_rec = self.env['auth.oauth.provider'].sudo().search(
|
||||
[('client_id', '=', provider['client_id'])],
|
||||
limit=1
|
||||
)
|
||||
|
||||
if provider_rec:
|
||||
# Logic: Show if Website ID matches OR if Website ID is empty (Global)
|
||||
match_website = not provider_rec.website_id or provider_rec.website_id.id == current_website.id
|
||||
|
||||
# Optional: Add Company Check if needed
|
||||
# match_company = not provider_rec.company_id or provider_rec.company_id.id == request.env.company.id
|
||||
|
||||
if match_website:
|
||||
filtered_providers.append(provider)
|
||||
|
||||
return filtered_providers
|
||||
|
||||
return providers
|
||||
@@ -0,0 +1,30 @@
|
||||
<odoo>
|
||||
<data>
|
||||
<!--
|
||||
<record id="object0" model="auth_oauth_company_website.auth_oauth_company_website">
|
||||
<field name="name">Object 0</field>
|
||||
<field name="value">0</field>
|
||||
</record>
|
||||
|
||||
<record id="object1" model="auth_oauth_company_website.auth_oauth_company_website">
|
||||
<field name="name">Object 1</field>
|
||||
<field name="value">10</field>
|
||||
</record>
|
||||
|
||||
<record id="object2" model="auth_oauth_company_website.auth_oauth_company_website">
|
||||
<field name="name">Object 2</field>
|
||||
<field name="value">20</field>
|
||||
</record>
|
||||
|
||||
<record id="object3" model="auth_oauth_company_website.auth_oauth_company_website">
|
||||
<field name="name">Object 3</field>
|
||||
<field name="value">30</field>
|
||||
</record>
|
||||
|
||||
<record id="object4" model="auth_oauth_company_website.auth_oauth_company_website">
|
||||
<field name="name">Object 4</field>
|
||||
<field name="value">40</field>
|
||||
</record>
|
||||
-->
|
||||
</data>
|
||||
</odoo>
|
||||
@@ -0,0 +1 @@
|
||||
from . import models
|
||||
Binary file not shown.
Binary file not shown.
@@ -0,0 +1,23 @@
|
||||
from odoo import models, fields, api
|
||||
|
||||
class AuthOAuthProvider(models.Model):
|
||||
_inherit = 'auth.oauth.provider'
|
||||
|
||||
company_id = fields.Many2one(
|
||||
'res.company',
|
||||
string='Allowed Company',
|
||||
help="If set, this provider is only available for this company's users."
|
||||
)
|
||||
website_id = fields.Many2one(
|
||||
'website',
|
||||
string='Allowed Website',
|
||||
help="If set, this provider button will only show on this website's login page."
|
||||
)
|
||||
|
||||
@api.onchange('company_id')
|
||||
def _onchange_company_id(self):
|
||||
"""Automatically link website if company is selected and only one website exists for that company"""
|
||||
if self.company_id and not self.website_id:
|
||||
website = self.env['website'].search([('company_id', '=', self.company_id.id)], limit=1)
|
||||
if website:
|
||||
self.website_id = website.id
|
||||
@@ -0,0 +1,2 @@
|
||||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
|
||||
access_auth_oauth_company_website_auth_oauth_company_website,auth_oauth_company_website.auth_oauth_company_website,model_auth_oauth_company_website_auth_oauth_company_website,base.group_user,1,1,1,1
|
||||
|
@@ -0,0 +1,24 @@
|
||||
<odoo>
|
||||
<data>
|
||||
<!--
|
||||
<template id="listing">
|
||||
<ul>
|
||||
<li t-foreach="objects" t-as="object">
|
||||
<a t-attf-href="#{ root }/objects/#{ object.id }">
|
||||
<t t-esc="object.display_name"/>
|
||||
</a>
|
||||
</li>
|
||||
</ul>
|
||||
</template>
|
||||
<template id="object">
|
||||
<h1><t t-esc="object.display_name"/></h1>
|
||||
<dl>
|
||||
<t t-foreach="object._fields" t-as="field">
|
||||
<dt><t t-esc="field"/></dt>
|
||||
<dd><t t-esc="object[field]"/></dd>
|
||||
</t>
|
||||
</dl>
|
||||
</template>
|
||||
-->
|
||||
</data>
|
||||
</odoo>
|
||||
@@ -0,0 +1,14 @@
|
||||
<odoo>
|
||||
<record id="view_oauth_provider_form_inherit" model="ir.ui.view">
|
||||
<field name="name">auth.oauth.provider.form.inherit</field>
|
||||
<field name="model">auth.oauth.provider</field>
|
||||
<field name="inherit_id" ref="auth_oauth.view_oauth_provider_form"/>
|
||||
<field name="arch" type="xml">
|
||||
<!-- Only System Administrators should see/edit these fields -->
|
||||
<xpath expr="//field[@name='client_id']" position="after">
|
||||
<field name="company_id" groups="base.group_system"/>
|
||||
<field name="website_id" groups="base.group_system"/>
|
||||
</xpath>
|
||||
</field>
|
||||
</record>
|
||||
</odoo>
|
||||
Reference in New Issue
Block a user