-
-
Notifications
You must be signed in to change notification settings - Fork 424
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[17.0][MIG] auth_session_timeout: Migration to 17.0 #646
[17.0][MIG] auth_session_timeout: Migration to 17.0 #646
Conversation
… True * Add Usage section to ReadMe w/ Runbot link * `_crypt_context` now directly exposes the `CryptContext` * Change all instances of openerp to odoo * Add test coverage to IrConfigParameter * Add test coverage for res.users * Remove db from `get_session_parameters` method call * Remove deprecated skiparg for ormcache * Fix tests & lint * Switch cache to use self.cr.dbname * Fix ormcache
* Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
…e backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
… (#1070) * corrects AttributeError: 'HttpRequest' object has no attribute 'http' * updates the module version number for pull request #1070
New changes for move module, clean module, apply new oca guideline and make compatible with 11.0: * Move module from oca/server-tools:10.0 to oca/server-auth:11.0 * Remove .DS_Store files, addd by mistake in early changes and not needed. * Fix error when make RPC request. Applied thanks to comment added by @christophlsa. For more information go to OCA/server-tools#1163 (review) * Update version to the first one in 11.0 * Update README to match new guideline * Remove she bang coding * Use _authenticate method instead of deprecated method check. For more information go to https://github.com/odoo/odoo/blob/11.0/odoo/http.py#L1049 * Improve auth_session_timeout method return raise SessionExpiredException exception instead of False. This will show a "session expired please reload page" message to the user. * Fix update unitet test. make then turn green and the update then to make them match with new changes - There was not getmtime() result definied in this test case, For that reason was returning a MagicMock() object, For this case their are trying to test that the session is valid, this is the same that the path of the file with session is not expired. To simulate that I just updated for the test case the getmtime() result to a value that will be greater than the delay expected: I used the current time This way when evaluationg if the sessions is expire will return False instead of TypeError: unorderable types: MagicMock() < float() The unit test still works the same and the result is without errors. * Fix plylint errors: - E302 expected 2 blank lines, - Not used variable and not valid var name. Remove e varaible since is not valid name and this one is not been used.
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-12.0/server-auth-12.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-12-0/server-auth-12-0-auth_session_timeout/pt_BR/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate. Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate. Translation: server-auth-13.0/server-auth-13.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_session_timeout/
Make it so session timeout doe not apply to requests to a route with auth_method="public". Forward port of OCA#258
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-14.0/server-auth-14.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_session_timeout/pt_BR/
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/ca/
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-15.0/server-auth-15.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_session_timeout/it/
…, but /web is a public route, so it does not trigger the session check but it does trigger session save, so the file mtime is updated before the second HTTP call makes the check takes place, and session is not expired
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/it/
Currently translated at 100.0% (3 of 3 strings) Translation: server-auth-16.0/server-auth-16.0-auth_session_timeout Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_session_timeout/ca/
/ocabot migration auth_session_timeout Please check pre-commit, and it seems #555 is also needed. |
8c101e4
to
495241a
Compare
Fixed pre-commit and modified the ignored URL from Thanks! |
49606a3
to
7238daa
Compare
7238daa
to
5e04c9c
Compare
Can we push this PR forward? |
</record> | ||
<record id="inactive_session_time_out_ignored_url" model="ir.config_parameter"> | ||
<field name="key">inactive_session_time_out_ignored_url</field> | ||
<field name="value">/calendar/notify,/websocket</field> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO, a migration script needs to be added to change the config parameter from longpolling/poll to websocket
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution @bizzappdev !
…ssion_time_out_ignored_url.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Merging based on existing reviews: /ocabot merge nobump |
This PR looks fantastic, let's merge it! |
Congratulations, your PR was merged at def9106. Thanks a lot for contributing to OCA. ❤️ |
Standard migration to 17.0
Changed
_patch_method
topatch
method ofBaseCase
and remove_revert_method
as indicated in #110370