first push message

This commit is contained in:
2026-07-01 14:41:49 +07:00
parent 6667dec2bf
commit 58b5f46cc4
2951 changed files with 316619 additions and 0 deletions
+2
View File
@@ -0,0 +1,2 @@
from . import controllers
from . import models
@@ -0,0 +1,33 @@
{
'name': "auth_oauth_company_website",
'summary': "Short (1 phrase/line) summary of the module's purpose",
'description': """
Long description of module's purpose
""",
'author': "My Company",
'website': "https://www.yourcompany.com",
# Categories can be used to filter modules in modules listing
# Check https://github.com/odoo/odoo/blob/15.0/odoo/addons/base/data/ir_module_category_data.xml
# for the full list
'category': 'Uncategorized',
'version': '0.1',
# any module necessary for this one to work correctly
'depends': ['auth_oauth', 'website'],
# always loaded
'data': [
# 'security/ir.model.access.csv',
'views/views.xml',
'views/templates.xml',
],
# only loaded in demonstration mode
'demo': [
'demo/demo.xml',
],
}
@@ -0,0 +1 @@
from . import controllers
@@ -0,0 +1,43 @@
from odoo import http
from odoo.addons.auth_oauth.controllers.main import OAuthLogin
from odoo.http import request
class CustomOAuthLogin(OAuthLogin):
def list_providers(self):
"""
Override the standard list_providers to filter by current website.
SECURITY FIX: Use sudo() to read provider config as public users
do not have read access to auth.oauth.provider model.
"""
# Get the original list from super()
providers = super().list_providers()
# Get the current website from the request context
current_website = request.website
# If we are in a website context, filter the providers
if current_website and current_website.id:
filtered_providers = []
for provider in providers:
# SECURITY: Use sudo() to avoid AccessError for public users
# We search by client_id because the list_providers returns dicts with client_id
provider_rec = self.env['auth.oauth.provider'].sudo().search(
[('client_id', '=', provider['client_id'])],
limit=1
)
if provider_rec:
# Logic: Show if Website ID matches OR if Website ID is empty (Global)
match_website = not provider_rec.website_id or provider_rec.website_id.id == current_website.id
# Optional: Add Company Check if needed
# match_company = not provider_rec.company_id or provider_rec.company_id.id == request.env.company.id
if match_website:
filtered_providers.append(provider)
return filtered_providers
return providers
+30
View File
@@ -0,0 +1,30 @@
<odoo>
<data>
<!--
<record id="object0" model="auth_oauth_company_website.auth_oauth_company_website">
<field name="name">Object 0</field>
<field name="value">0</field>
</record>
<record id="object1" model="auth_oauth_company_website.auth_oauth_company_website">
<field name="name">Object 1</field>
<field name="value">10</field>
</record>
<record id="object2" model="auth_oauth_company_website.auth_oauth_company_website">
<field name="name">Object 2</field>
<field name="value">20</field>
</record>
<record id="object3" model="auth_oauth_company_website.auth_oauth_company_website">
<field name="name">Object 3</field>
<field name="value">30</field>
</record>
<record id="object4" model="auth_oauth_company_website.auth_oauth_company_website">
<field name="name">Object 4</field>
<field name="value">40</field>
</record>
-->
</data>
</odoo>
@@ -0,0 +1 @@
from . import models
@@ -0,0 +1,23 @@
from odoo import models, fields, api
class AuthOAuthProvider(models.Model):
_inherit = 'auth.oauth.provider'
company_id = fields.Many2one(
'res.company',
string='Allowed Company',
help="If set, this provider is only available for this company's users."
)
website_id = fields.Many2one(
'website',
string='Allowed Website',
help="If set, this provider button will only show on this website's login page."
)
@api.onchange('company_id')
def _onchange_company_id(self):
"""Automatically link website if company is selected and only one website exists for that company"""
if self.company_id and not self.website_id:
website = self.env['website'].search([('company_id', '=', self.company_id.id)], limit=1)
if website:
self.website_id = website.id
@@ -0,0 +1,2 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_auth_oauth_company_website_auth_oauth_company_website,auth_oauth_company_website.auth_oauth_company_website,model_auth_oauth_company_website_auth_oauth_company_website,base.group_user,1,1,1,1
1 id name model_id:id group_id:id perm_read perm_write perm_create perm_unlink
2 access_auth_oauth_company_website_auth_oauth_company_website auth_oauth_company_website.auth_oauth_company_website model_auth_oauth_company_website_auth_oauth_company_website base.group_user 1 1 1 1
@@ -0,0 +1,24 @@
<odoo>
<data>
<!--
<template id="listing">
<ul>
<li t-foreach="objects" t-as="object">
<a t-attf-href="#{ root }/objects/#{ object.id }">
<t t-esc="object.display_name"/>
</a>
</li>
</ul>
</template>
<template id="object">
<h1><t t-esc="object.display_name"/></h1>
<dl>
<t t-foreach="object._fields" t-as="field">
<dt><t t-esc="field"/></dt>
<dd><t t-esc="object[field]"/></dd>
</t>
</dl>
</template>
-->
</data>
</odoo>
@@ -0,0 +1,14 @@
<odoo>
<record id="view_oauth_provider_form_inherit" model="ir.ui.view">
<field name="name">auth.oauth.provider.form.inherit</field>
<field name="model">auth.oauth.provider</field>
<field name="inherit_id" ref="auth_oauth.view_oauth_provider_form"/>
<field name="arch" type="xml">
<!-- Only System Administrators should see/edit these fields -->
<xpath expr="//field[@name='client_id']" position="after">
<field name="company_id" groups="base.group_system"/>
<field name="website_id" groups="base.group_system"/>
</xpath>
</field>
</record>
</odoo>