audrius/app-odoo
1
0
Fork 0
mirror of https://github.com/guohuadeng/app-odoo.git synced 2025-02-23 04:11:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

[FIX] app_odoo_customize: security

Browse Source
This commit is contained in:
Chill
2024-03-11 18:43:09 +08:00
parent 82fc6463f2
commit 73d7143e3c
3 changed files with 27 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
app_odoo_customize/models/res_config_settings.py
View File

@@ -3,7 +3,7 @@
import logging
from odoo import api, fields, models, _
from odoo.exceptions import UserError
_logger = logging.getLogger(__name__)
@@ -106,6 +106,8 @@ class ResConfigSettings(models.TransientModel):
ir_config.set_param("app_ribbon_name", self.app_ribbon_name or "*odooai.cn")
def set_module_url(self):
if not self._app_check_sys_op():
raise UserError(_('Not allow.'))
sql = "UPDATE ir_module_module SET website = '%s' WHERE license like '%s' and website <> ''" % (self.app_enterprise_url, 'OEEL%')
try:
self._cr.execute(sql)
@@ -114,7 +116,9 @@ class ResConfigSettings(models.TransientModel):
pass
# 清数据o=对象, s=序列
def remove_app_data(self, o, s=[]):
def _remove_app_data(self, o, s=[]):
if not self._app_check_sys_op():
raise UserError(_('Not allow.'))
for line in o:
# 检查是否存在
try:
@@ -166,7 +170,7 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'sale',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_product(self):
to_removes = [
@@ -177,7 +181,7 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'product.product',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_product_attribute(self):
to_removes = [
@@ -186,7 +190,7 @@ class ResConfigSettings(models.TransientModel):
'product.attribute',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_pos(self):
to_removes = [
@@ -199,12 +203,12 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'pos.',
]
res = self.remove_app_data(to_removes, seqs)
res = self._remove_app_data(to_removes, seqs)
# 更新要关帐的值,因为 store=true 的计算字段要重置
try:
statement = self.env['account.bank.statement'].sudo().search([])
statement = self.env['account.bank.statement'].search([])
for s in statement:
s._end_balance()
except Exception as e:
@@ -222,7 +226,7 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'purchase.',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_expense(self):
to_removes = [
@@ -235,7 +239,7 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'hr.expense.',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_mrp(self):
to_removes = [
@@ -254,7 +258,7 @@ class ResConfigSettings(models.TransientModel):
seqs = [
'mrp.',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_mrp_bom(self):
to_removes = [
@@ -263,7 +267,7 @@ class ResConfigSettings(models.TransientModel):
'mrp.bom',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_inventory(self):
to_removes = [
@@ -292,7 +296,7 @@ class ResConfigSettings(models.TransientModel):
'product.tracking.default',
'WH/',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_account(self):
to_removes = [
@@ -312,7 +316,7 @@ class ResConfigSettings(models.TransientModel):
'hr.expense.sheet',
'account.move',
]
res = self.remove_app_data(to_removes, [])
res = self._remove_app_data(to_removes, [])
# extra 更新序号
domain = [
@@ -423,9 +427,9 @@ class ResConfigSettings(models.TransientModel):
pass # raise Warning(e)
seqs = []
res = self.remove_app_data(to_removes, seqs)
res = self._remove_app_data(to_removes, seqs)
self._cr.commit()
self.env.company.sudo().write({'chart_template_id': None})
self.env.company.write({'chart_template_id': None})
return res
def remove_project(self):
@@ -437,7 +441,7 @@ class ResConfigSettings(models.TransientModel):
'project.project',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_quality(self):
to_removes = [
@@ -456,7 +460,7 @@ class ResConfigSettings(models.TransientModel):
'quality.alert',
# 'quality.point',
]
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_quality_setting(self):
to_removes = [
@@ -468,7 +472,7 @@ class ResConfigSettings(models.TransientModel):
'quality.reason',
'quality.tag',
]
return self.remove_app_data(to_removes)
return self._remove_app_data(to_removes)
def remove_website(self):
to_removes = [
@@ -489,7 +493,7 @@ class ResConfigSettings(models.TransientModel):
# 'website',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_message(self):
to_removes = [
@@ -499,7 +503,7 @@ class ResConfigSettings(models.TransientModel):
'mail.activity',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_workflow(self):
to_removes = [
@@ -508,7 +512,7 @@ class ResConfigSettings(models.TransientModel):
'wkf.instance',
]
seqs = []
return self.remove_app_data(to_removes, seqs)
return self._remove_app_data(to_removes, seqs)
def remove_all_biz(self):
self.remove_account()