Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[17.0][MIG] auth_session_timeout: Migration to 17.0 #646

Merged
merged 40 commits into from
Oct 31, 2024

Conversation

Loregs2
Copy link

@Loregs2 Loregs2 commented May 13, 2024

Standard migration to 17.0

Changed _patch_method to patch method of BaseCase and remove _revert_method as indicated in #110370

pedrobaeza and others added 30 commits May 13, 2024 10:25
… True * Add Usage section to ReadMe w/ Runbot link * `_crypt_context` now directly exposes the `CryptContext` * Change all instances of openerp to odoo * Add test coverage to IrConfigParameter * Add test coverage for res.users * Remove db from `get_session_parameters` method call * Remove deprecated skiparg for ormcache * Fix tests & lint * Switch cache to use self.cr.dbname * Fix ormcache
* Module auth_session_timeout:
---------------------------

* Refactor to allow other modules to inherit and augment or override the following:
** Session expiry time (deadline) calculation
** Ignored URLs
** Final session expiry (with possibility to late-abort)
* Re-ordered functionality to remove unnecessary work, as this code is called very often.
* Do not expire a session if delay gets set to zero (or unset / false)

* WIP

* Fixed flake8 lint errors

* Fixed flake8 lint errors

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching

* Module: auth_session_timeout: Fixed flake8 lint errors

* Module: auth_session_timeout: Fixed flake8 lint errors
…e backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
… (#1070)

* corrects AttributeError: 'HttpRequest' object has no attribute 'http'

* updates the module version number for pull request #1070
New changes for move module, clean module, apply new oca guideline and make
compatible with 11.0:

* Move module from oca/server-tools:10.0  to oca/server-auth:11.0
* Remove .DS_Store files, addd by mistake in early changes and not needed.
* Fix error when make RPC request. Applied thanks to comment added by @christophlsa. For more information go to OCA/server-tools#1163 (review)
* Update version to the first one in 11.0
* Update README to match new guideline
* Remove she bang coding
* Use _authenticate method instead of deprecated method check. For more information go to https://github.com/odoo/odoo/blob/11.0/odoo/http.py#L1049
* Improve auth_session_timeout method return raise SessionExpiredException exception instead of False. This will show a "session expired please reload page" message to the user.
* Fix update unitet test. make then turn green and the update then to make them match with new changes

  - There was not getmtime() result definied in this test case, For that reason was returning a MagicMock() object, For this case their are trying to test that the session is valid, this is the same that the path of the file with session is not expired. To simulate that I just updated for the test case the getmtime() result to a value that will be greater than the delay expected: I used the current time This way when evaluationg if the sessions is expire will return False instead of TypeError: unorderable types: MagicMock() < float() The unit test still works the same and the result is without errors.

* Fix plylint errors:

  - E302 expected 2 blank lines,
  - Not used variable and not valid var name. Remove e varaible since is not valid name and this one is not been used.
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-12.0/server-auth-12.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-12-0/server-auth-12-0-auth_session_timeout/pt_BR/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Make it so session timeout doe not apply to requests
to a route with auth_method="public".

Forward port of OCA#258
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-14.0/server-auth-14.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_session_timeout/pt_BR/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/ca/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
…, but /web is a public route, so it does not trigger the session check but it does trigger session save, so the file mtime is updated before the second HTTP call makes the check takes place, and session is not expired
mymage and others added 3 commits May 13, 2024 10:25
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings)

Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/ca/
@pedrobaeza
Copy link
Member

/ocabot migration auth_session_timeout

Please check pre-commit, and it seems #555 is also needed.

@OCA-git-bot OCA-git-bot added this to the 17.0 milestone May 13, 2024
@OCA-git-bot OCA-git-bot mentioned this pull request May 13, 2024
19 tasks
@Loregs2 Loregs2 force-pushed the 17.0-mig-auth_session_timeout branch from 8c101e4 to 495241a Compare May 13, 2024 10:50
@Loregs2
Copy link
Author

Loregs2 commented May 13, 2024

/ocabot migration auth_session_timeout

Please check pre-commit, and it seems #555 is also needed.

Fixed pre-commit and modified the ignored URL from longpolling to websocket.

Thanks!

@Loregs2 Loregs2 force-pushed the 17.0-mig-auth_session_timeout branch from 49606a3 to 7238daa Compare May 14, 2024 07:56
@Loregs2 Loregs2 marked this pull request as draft May 14, 2024 08:01
@Loregs2 Loregs2 force-pushed the 17.0-mig-auth_session_timeout branch from 7238daa to 5e04c9c Compare May 14, 2024 08:11
@Loregs2 Loregs2 marked this pull request as ready for review May 14, 2024 08:16
@PCatinean
Copy link

Can we push this PR forward?

</record>
<record id="inactive_session_time_out_ignored_url" model="ir.config_parameter">
<field name="key">inactive_session_time_out_ignored_url</field>
<field name="value">/calendar/notify,/websocket</field>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO, a migration script needs to be added to change the config parameter from longpolling/poll to websocket

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution @bizzappdev !

Copy link
Contributor

@bizzappdev bizzappdev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pedrobaeza
Copy link
Member

Merging based on existing reviews:

/ocabot merge nobump

@OCA-git-bot
Copy link
Contributor

This PR looks fantastic, let's merge it!
Prepared branch 17.0-ocabot-merge-pr-646-by-pedrobaeza-bump-nobump, awaiting test results.

@OCA-git-bot OCA-git-bot merged commit e58c141 into OCA:17.0 Oct 31, 2024
6 of 7 checks passed
@OCA-git-bot
Copy link
Contributor

Congratulations, your PR was merged at def9106. Thanks a lot for contributing to OCA. ❤️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.