From 6f672029f5673471ff03ecdbd321b2fcedd225f0 Mon Sep 17 00:00:00 2001 From: miguelpadin Date: Mon, 27 Dec 2021 11:31:35 +0100 Subject: [PATCH] [REF] pms-api-rest: add controller 4 login --- pms_api_rest/__manifest__.py | 4 +- pms_api_rest/controllers/pms_rest.py | 10 +- pms_api_rest/datamodels/__init__.py | 2 + pms_api_rest/datamodels/user_input.py | 9 ++ pms_api_rest/datamodels/user_output.py | 10 ++ pms_api_rest/security/ir.model.access.csv | 2 - pms_api_rest/services/__init__.py | 4 + pms_api_rest/services/calendar_service.py | 2 +- pms_api_rest/services/folio_services.py | 2 +- pms_api_rest/services/login_service.py | 116 ++++++++++++++++++ pms_api_rest/services/partner_services.py | 2 +- pms_api_rest/services/reservation_services.py | 2 +- pms_api_rest/services/room_services.py | 2 +- pms_api_rest/services/room_type_services.py | 2 +- 14 files changed, 156 insertions(+), 13 deletions(-) create mode 100644 pms_api_rest/datamodels/user_input.py create mode 100644 pms_api_rest/datamodels/user_output.py delete mode 100644 pms_api_rest/security/ir.model.access.csv create mode 100644 pms_api_rest/services/login_service.py diff --git a/pms_api_rest/__manifest__.py b/pms_api_rest/__manifest__.py index 588a57b71..2529e90b0 100644 --- a/pms_api_rest/__manifest__.py +++ b/pms_api_rest/__manifest__.py @@ -16,8 +16,6 @@ "external_dependencies": { "python": ["jwt", "simplejson", "marshmallow"], }, - "data": [ - "security/ir.model.access.csv", "data/auth_jwt_validator.xml" - ], + "data": ["data/auth_jwt_validator.xml"], "installable": True, } diff --git a/pms_api_rest/controllers/pms_rest.py b/pms_api_rest/controllers/pms_rest.py index f410b058c..5a738e502 100644 --- a/pms_api_rest/controllers/pms_rest.py +++ b/pms_api_rest/controllers/pms_rest.py @@ -1,7 +1,13 @@ from odoo.addons.base_rest.controllers import main -class BaseRestDemoPublicApiController(main.RestController): +class BaseRestPrivateApiController(main.RestController): _root_path = "/api/" - _collection_name = "pms.reservation.service" + _collection_name = "pms.private.services" _default_auth = "jwt_api_pms" + + +class BaseRestPublicApiController(main.RestController): + _root_path = "/auth/" + _collection_name = "pms.public.services" + _default_auth = "public" diff --git a/pms_api_rest/datamodels/__init__.py b/pms_api_rest/datamodels/__init__.py index 3f34fd5df..248ce06e5 100644 --- a/pms_api_rest/datamodels/__init__.py +++ b/pms_api_rest/datamodels/__init__.py @@ -20,3 +20,5 @@ from . import pms_property_info from . import pms_property_search_param from . import pms_account_journal_info from . import pms_payment_info +from . import user_input +from . import user_output diff --git a/pms_api_rest/datamodels/user_input.py b/pms_api_rest/datamodels/user_input.py new file mode 100644 index 000000000..f370c2a60 --- /dev/null +++ b/pms_api_rest/datamodels/user_input.py @@ -0,0 +1,9 @@ +from marshmallow import fields + +from odoo.addons.datamodel.core import Datamodel + + +class PmsApiRestUserInput(Datamodel): + _name = "pms.api.rest.user.input" + username = fields.String(required=False, allow_none=True) + password = fields.String(required=False, allow_none=True) diff --git a/pms_api_rest/datamodels/user_output.py b/pms_api_rest/datamodels/user_output.py new file mode 100644 index 000000000..ee17fe5ca --- /dev/null +++ b/pms_api_rest/datamodels/user_output.py @@ -0,0 +1,10 @@ +from marshmallow import fields + +from odoo.addons.datamodel.core import Datamodel + + +class PmsApiRestUserOutput(Datamodel): + _name = "pms.api.rest.user.output" + # user = fields.String(required=False, allow_none=True) + # exp = fields.String(required=False, allow_none=True) + token = fields.String(required=False, allow_none=True) diff --git a/pms_api_rest/security/ir.model.access.csv b/pms_api_rest/security/ir.model.access.csv deleted file mode 100644 index e97ddc130..000000000 --- a/pms_api_rest/security/ir.model.access.csv +++ /dev/null @@ -1,2 +0,0 @@ -id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink -access_jwt_access_token,Read jwt access token,model_jwt_provider_access_token,,1,0,0,0 diff --git a/pms_api_rest/services/__init__.py b/pms_api_rest/services/__init__.py index 87c212ea5..064c89aae 100644 --- a/pms_api_rest/services/__init__.py +++ b/pms_api_rest/services/__init__.py @@ -5,4 +5,8 @@ from . import calendar_service from . import partner_services from . import reservation_services +<<<<<<< HEAD from . import property_services +======= +from . import login_service +>>>>>>> a4394db3... [REF] pms-api-rest: add controller 4 login diff --git a/pms_api_rest/services/calendar_service.py b/pms_api_rest/services/calendar_service.py index 6132f8756..d7d3d34ae 100644 --- a/pms_api_rest/services/calendar_service.py +++ b/pms_api_rest/services/calendar_service.py @@ -7,7 +7,7 @@ from odoo.addons.component.core import Component class PmsCalendarService(Component): _inherit = "base.rest.service" - _name = "pms.calendar.service" + _name = "pms.private.services" _usage = "calendar" _collection = "pms.reservation.service" diff --git a/pms_api_rest/services/folio_services.py b/pms_api_rest/services/folio_services.py index 1918bf078..242542d12 100644 --- a/pms_api_rest/services/folio_services.py +++ b/pms_api_rest/services/folio_services.py @@ -9,7 +9,7 @@ class PmsFolioService(Component): _inherit = "base.rest.service" _name = "pms.folio.service" _usage = "folios" - _collection = "pms.reservation.service" + _collection = "pms.private.services" @restapi.method( [ diff --git a/pms_api_rest/services/login_service.py b/pms_api_rest/services/login_service.py new file mode 100644 index 000000000..82a431a1f --- /dev/null +++ b/pms_api_rest/services/login_service.py @@ -0,0 +1,116 @@ +import time + +from jose import jwt + +from odoo import _ +from odoo.exceptions import ValidationError, AccessDenied, UserError + +from odoo.addons.base_rest import restapi +from odoo.addons.base_rest_datamodel.restapi import Datamodel +from odoo.addons.component.core import Component + + +class PmsPartnerService(Component): + _inherit = "base.rest.service" + _name = "pms.auth.service" + _usage = "login" + _collection = "pms.public.services" + + @restapi.method( + [ + ( + [ + "/", + ], + "POST", + ) + ], + input_param=Datamodel("pms.api.rest.user.input", is_list=False), + # output_param=Datamodel("pms.api.rest.user.output", is_list=False), + ) + def aa(self, user): + + user_record = ( + self.env["res.users"].sudo().search([("login", "=", user.username)]) + ) + + if not user_record: + ValidationError(_("user or password not valid")) + try: + user_record.with_user(user_record)._check_credentials(user.password, None) + + except Exception as e: + raise UserError("") + + PmsApiRestUserOutput = self.env.datamodels["pms.api.rest.user.output"] + expiration_date = time.time() + 36660 + token = jwt.encode( + { + "aud": "api_pms", + "iss": "pms", + "exp": expiration_date, + "username": user.username, + "password": user.password, + }, + key="pms_secret_key_example", + algorithm=jwt.ALGORITHMS.HS256, + ) + # return PmsApiRestUserOutput(token=token) + return token + + def user_error(self): + """ + Simulate an odoo.exceptions.UserError + Should be translated into BadRequest with a description into the json + body + """ + raise UserError(_("UserError message")) + + # Validator + def _validator_user_error(self): + return {} + + def _validator_return_user_error(self): + return {} + + def _validator_validation_error(self): + return {} + + def _validator_return_validation_error(self): + return {} + + def _validator_session_expired(self): + return {} + + def _validator_return_session_expired(self): + return {} + + def _validator_missing_error(self): + return {} + + def _validator_return_missing_error(self): + return {} + + def _validator_access_error(self): + return {} + + def _validator_return_access_error(self): + return {} + + def _validator_access_denied(self): + return {} + + def _validator_return_access_denied(self): + return {} + + def _validator_http_exception(self): + return {} + + def _validator_return_http_exception(self): + return {} + + def _validator_bare_exception(self): + return {} + + def _validator_return_bare_exception(self): + return {} diff --git a/pms_api_rest/services/partner_services.py b/pms_api_rest/services/partner_services.py index 1b7a45cca..1940da10b 100644 --- a/pms_api_rest/services/partner_services.py +++ b/pms_api_rest/services/partner_services.py @@ -7,7 +7,7 @@ class PmsPartnerService(Component): _inherit = "base.rest.service" _name = "pms.partner.service" _usage = "partners" - _collection = "pms.reservation.service" + _collection = "pms.private.services" @restapi.method( [ diff --git a/pms_api_rest/services/reservation_services.py b/pms_api_rest/services/reservation_services.py index f400ee8f9..e922d85b2 100644 --- a/pms_api_rest/services/reservation_services.py +++ b/pms_api_rest/services/reservation_services.py @@ -9,7 +9,7 @@ class PmsRoomService(Component): _inherit = "base.rest.service" _name = "pms.reservation.service" _usage = "reservations" - _collection = "pms.reservation.service" + _collection = "pms.private.services" @restapi.method( [ diff --git a/pms_api_rest/services/room_services.py b/pms_api_rest/services/room_services.py index 1727528a1..4e10a51e9 100644 --- a/pms_api_rest/services/room_services.py +++ b/pms_api_rest/services/room_services.py @@ -7,7 +7,7 @@ class PmsRoomService(Component): _inherit = "base.rest.service" _name = "pms.room.service" _usage = "rooms" - _collection = "pms.reservation.service" + _collection = "pms.private.services" @restapi.method( [ diff --git a/pms_api_rest/services/room_type_services.py b/pms_api_rest/services/room_type_services.py index b628da625..4ca879a54 100644 --- a/pms_api_rest/services/room_type_services.py +++ b/pms_api_rest/services/room_type_services.py @@ -7,7 +7,7 @@ class PmsRoomTypeService(Component): _inherit = "base.rest.service" _name = "pms.room.type.service" _usage = "room-types" - _collection = "pms.reservation.service" + _collection = "pms.private.services" @restapi.method( [