Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[18.0][MIG] auth_session_timeout #715

Open
wants to merge 42 commits into
base: 18.0
Choose a base branch
from

Conversation

astirpe
Copy link
Member

@astirpe astirpe commented Oct 17, 2024

Migration from #646

pedrobaeza and others added 30 commits October 17, 2024 09:45
… True * Add Usage section to ReadMe w/ Runbot link * `_crypt_context` now directly exposes the `CryptContext` * Change all instances of openerp to odoo * Add test coverage to IrConfigParameter * Add test coverage for res.users * Remove db from `get_session_parameters` method call * Remove deprecated skiparg for ormcache * Fix tests & lint * Switch cache to use self.cr.dbname * Fix ormcache
* Module auth_session_timeout:
---------------------------

* Refactor to allow other modules to inherit and augment or override the following:
** Session expiry time (deadline) calculation
** Ignored URLs
** Final session expiry (with possibility to late-abort)
* Re-ordered functionality to remove unnecessary work, as this code is called very often.
* Do not expire a session if delay gets set to zero (or unset / false)

* WIP

* Fixed flake8 lint errors

* Fixed flake8 lint errors

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching

* Module: auth_session_timeout: Fixed flake8 lint errors

* Module: auth_session_timeout: Fixed flake8 lint errors
…e backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
… (#1070)

* corrects AttributeError: 'HttpRequest' object has no attribute 'http'

* updates the module version number for pull request #1070
New changes for move module, clean module, apply new oca guideline and make
compatible with 11.0:

* Move module from oca/server-tools:10.0  to oca/server-auth:11.0
* Remove .DS_Store files, addd by mistake in early changes and not needed.
* Fix error when make RPC request. Applied thanks to comment added by @christophlsa. For more information go to OCA/server-tools#1163 (review)
* Update version to the first one in 11.0
* Update README to match new guideline
* Remove she bang coding
* Use _authenticate method instead of deprecated method check. For more information go to https://github.com/odoo/odoo/blob/11.0/odoo/http.py#L1049
* Improve auth_session_timeout method return raise SessionExpiredException exception instead of False. This will show a "session expired please reload page" message to the user.
* Fix update unitet test. make then turn green and the update then to make them match with new changes

  - There was not getmtime() result definied in this test case, For that reason was returning a MagicMock() object, For this case their are trying to test that the session is valid, this is the same that the path of the file with session is not expired. To simulate that I just updated for the test case the getmtime() result to a value that will be greater than the delay expected: I used the current time This way when evaluationg if the sessions is expire will return False instead of TypeError: unorderable types: MagicMock() < float() The unit test still works the same and the result is without errors.

* Fix plylint errors:

  - E302 expected 2 blank lines,
  - Not used variable and not valid var name. Remove e varaible since is not valid name and this one is not been used.
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-12.0/server-auth-12.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-12-0/server-auth-12-0-auth_session_timeout/pt_BR/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Make it so session timeout doe not apply to requests
to a route with auth_method="public".

Forward port of OCA#258
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-14.0/server-auth-14.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_session_timeout/pt_BR/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/ca/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
…, but /web is a public route, so it does not trigger the session check but it does trigger session save, so the file mtime is updated before the second HTTP call makes the check takes place, and session is not expired
weblate and others added 12 commits October 17, 2024 09:45
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/es/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/es/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/ca/
@astirpe astirpe marked this pull request as ready for review October 17, 2024 07:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.