You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be very nice if the Odoo collection could be extended. Odoo has a database manager that requires a master password to work.
The database manager can be accessed by adding /web/database/manager to the url. When an action is posted, the master password is used for authentication. If the password is incorrect, we get the following log, in this example the action was "drop":
2024-06-11 20:32:22,753 399 INFO None werkzeug: xx.xx.xx.xx - - [11/Jun/2024 20:32:22] "POST /web/database/drop HTTP/1.1" 200 - 4 0.003 1.419
2024-06-11 20:32:24,858 398 ERROR None odoo.addons.web.controllers.database: Database deletion error.
Traceback (most recent call last):
File "/home/odoo/src/odoo/addons/web/controllers/database.py", line 113, in drop
dispatch_rpc('db', 'drop', [master_pwd, name])
File "/home/odoo/src/odoo/odoo/http.py", line 369, in dispatch_rpc
return dispatch(method, params)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/odoo/src/odoo/odoo/service/db.py", line 479, in dispatch
check_super(passwd)
File "/home/odoo/src/odoo/odoo/service/db.py", line 53, in check_super
raise odoo.exceptions.AccessDenied()
odoo.exceptions.AccessDenied: Access Denied
2024-06-11 20:32:24,930 398 INFO None werkzeug: xx.xx.xx.xx - - [11/Jun/2024 20:32:24] "POST /web/database/drop HTTP/1.1" 200 - 4 0.003 0.107
2024-06-11 20:36:05,263 398 INFO test-db werkzeug: xx.xx.xx.xx - - [11/Jun/2024 20:36:05] "GET / HTTP/1.1" 303 - 2 0.002 0.013
So CrowdSec should check for the url /web/database and the line odoo.exceptions.AccessDenied: Access Denied
The text was updated successfully, but these errors were encountered:
Hello,
It would be very nice if the Odoo collection could be extended. Odoo has a database manager that requires a master password to work.
The database manager can be accessed by adding /web/database/manager to the url. When an action is posted, the master password is used for authentication. If the password is incorrect, we get the following log, in this example the action was "drop":
So CrowdSec should check for the url
/web/database
and the lineodoo.exceptions.AccessDenied: Access Denied
The text was updated successfully, but these errors were encountered: