audrius/app-odoo
1
0
Fork 0
mirror of https://github.com/guohuadeng/app-odoo.git synced 2025-02-23 04:11:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

[FIX] app_common: security

Browse Source
This commit is contained in:
Chill
2024-03-11 18:08:26 +08:00
parent 684b775f7c
commit d59965ca05
3 changed files with 39 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app_common/__manifest__.py
View File

@@ -39,7 +39,7 @@
{ {
'name': "odooAi Common Util and Tools", 'name': "odooAi Common Util and Tools",
'version': '23.11.16', 'version': '24.03.11',
'author': 'odooai.cn', 'author': 'odooai.cn',
'category': 'Base', 'category': 'Base',
'website': 'https://www.odooai.cn', 'website': 'https://www.odooai.cn',

30
app_common/models/base.py
View File

@@ -53,6 +53,12 @@ EXCLU_FIELDS = [
class Base(models.AbstractModel): class Base(models.AbstractModel):
_inherit = 'base' _inherit = 'base'
@api.model
def _app_check_sys_op(self):
if self.env.user.has_group('base.group_erp_manager'):
return True
return False
@api.model @api.model
def _get_normal_fields(self): def _get_normal_fields(self):
f_list = [] f_list = []
@@ -101,32 +107,50 @@ class Base(models.AbstractModel):
return dt.astimezone(pytz_timezone).strftime(return_format) return dt.astimezone(pytz_timezone).strftime(return_format)
@api.model @api.model
def get_image_from_url(self, url): def _get_image_from_url(self, url):
# 返回这个图片的base64编码 # 返回这个图片的base64编码
if not self._app_check_sys_op():
return False
return get_image_from_url(url) return get_image_from_url(url)
@api.model @api.model
def get_image_url2attachment(self, url, mimetype_list=None): def _get_image_url2attachment(self, url, mimetype_list=None):
# Todo: mimetype filter # Todo: mimetype filter
if not self._app_check_sys_op():
return False
image, file_name = get_image_url2attachment(url) image, file_name = get_image_url2attachment(url)
if image and file_name: if image and file_name:
try:
attachment = self.env['ir.attachment'].create({ attachment = self.env['ir.attachment'].create({
'datas': image, 'datas': image,
'name': file_name, 'name': file_name,
'website_id': False,
}) })
attachment.generate_access_token()
return attachment return attachment
except Exception as e:
_logger.error('get_image_url2attachment error: %s' % str(e))
return False
else: else:
return False return False
@api.model @api.model
def get_image_base642attachment(self, data): def _get_image_base642attachment(self, data):
if not self._app_check_sys_op():
return False
image, file_name = get_image_base642attachment(data) image, file_name = get_image_base642attachment(data)
if image and file_name: if image and file_name:
try:
attachment = self.env['ir.attachment'].create({ attachment = self.env['ir.attachment'].create({
'datas': image, 'datas': image,
'name': file_name, 'name': file_name,
'website_id': False,
}) })
attachment.generate_access_token()
return attachment return attachment
except Exception as e:
_logger.error('get_image_base642attachment error: %s' % str(e))
return False
else: else:
return False return False

2
app_common/static/description/index.html
View File

@@ -4,7 +4,7 @@
<h2 class="oe_slogan">odooAi Common Util and Tools</h2> <h2 class="oe_slogan">odooAi Common Util and Tools</h2>
<h3 class="oe_slogan"> Network and media and base tools </h3> <h3 class="oe_slogan"> Network and media and base tools </h3>
<div class="oe_row"> <div class="oe_row">
<h3>Lastest update: v17.23.11.06</h3> <h3>Lastest update: v17.24.03.11</h3>
<div class="row"> <div class="row">
<img class="oe_demo oe_screenshot img img-fluid" style="max-height: 100%;" src="banner.png"> <img class="oe_demo oe_screenshot img img-fluid" style="max-height: 100%;" src="banner.png">
</div> </div>