OpenERP Connector - Magento

Merge lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl into lp:~openerp-connector-core-editors/openerp-connector-magento/7.0

  1. 7-htaccess-auth-support-dbl
  2. Merge into 7.0
Proposed by David BEAL (ak)
Status: Rejected
Rejected by: Sébastien BEAU - http://www.akretion.com
Proposed branch: lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl
Merge into: lp:~openerp-connector-core-editors/openerp-connector-magento/7.0
Diff against target: 124 lines (+57/-7)
4 files modified
magentoerpconnect/magento_model.py (+29/-4)
magentoerpconnect/magento_model_view.xml (+6/-0)
magentoerpconnect/product.py (+8/-1)
magentoerpconnect/unit/backend_adapter.py (+14/-2)
To merge this branch: bzr merge lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl
Reviewer Review Type Date Requested Status
Guewen Baconnier @ Camptocamp Needs Fixing
Sébastien BEAU - http://www.akretion.com Pending
Review via email: mp+213637@code.launchpad.net

Description of the change

allow to import products with their images when authentification is required like htaccess,
e.g. location https://myuser:<email address hidden>

To post a comment you must log in.
Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

Interesting. But why put the user and password in the location if 1. they need to be parsed/extracted afterwards, 2. they are used only for the urlopen() of the images but not for the API.

I would prefer to have 2 additional fields for that.

That would also avoid to have the password leaked in the log file each time we log the URL.

Thanks

review: Needs Fixing
Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

(maybe I missed the use case / need to have them in the url, in that case please let me know!)

Revision history for this message
David BEAL (ak) (davidbeal) wrote :

yes, you missed the use case => I'm lazy, specially with xml view

;-)

but you are right.

fields name for htaccess could be : restricted_access_user and restricted_access_password

Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

> yes, you missed the use case => I'm lazy, specially with xml view
>
> ;-)

You really dislike the xml views so, considering the parsing you needed to write ;-)

>
> but you are right.
>
> fields name for htaccess could be : restricted_access_user and
> restricted_access_password

Sounds good

lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl updated
966. By David BEAL (ak)

[FIX] replace _get_auth_parameters() by fields in magento.backend

967. By David BEAL (ak)

[IMP] complete htaccess case management, drop unused historic line

Revision history for this message
David BEAL (ak) (davidbeal) wrote :

seems to be ok for final review

lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl updated
968. By David BEAL (ak)

[IMP] add 'full url' option on the backend

Revision history for this message
David BEAL (ak) (davidbeal) wrote :

Please, thanks to give your feedback

Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

Thanks for the changes.

restricted_access_username and restricted_access_password should be mandatory when display_restricted_access is true.

The name of this authentication method is HTTP Auth Basic or
Basic Access Authentication http://en.wikipedia.org/wiki/Basic_access_authentication so I think it would be more accurate to use these terms in the tooltips. Upon reflection, the column names would be better named auth_basic, auth_basic_username and auth_basic_password.

I had some difficulties to figure out what full_url means. I think it would be simpler do understand if it was 'use_custom_api_path' and the labels / tooltips would say something like "The default API path is '/index.php/api/xmlrpc'. Check this box if you use a custom API path, in that case, the location has to be completed with the custom API path'.

Do you mind to change that? If you want, I can make the changes before merging, in that case I would just propose you an edited branch but I won't be able to do it the next few days.

lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl updated
969. By David BEAL (ak)

[FIX] fields name, tool tip

Revision history for this message
David BEAL (ak) (davidbeal) wrote :

Hi guewen,

changes are done.

could you integrate it in next release ?

thank you

Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

Thanks! I think it will be yes.

lp:~akretion-team/openerp-connector-magento/7-htaccess-auth-support-dbl updated
970. By David BEAL (ak)

[FIX] tool tip

Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

Hi David,

I tested your branch, and I needed to rebase it from the next-release branch because it had conflict.

So I pushed my branch ready for next-rebase and made a proposal here https://code.launchpad.net/~camptocamp/openerp-connector-magento/7-htaccess-auth-support-dbl-next-release-gbr/+merge/214184 so you can comment.

I made some changes too, improving the placement of the fields in the view, and reorganizing the code in the BackendAdapter (the infos should be stored in the MagentoLocation object).

Can you check my branch and test for your use case?

Thanks

Revision history for this message
Sébastien BEAU - http://www.akretion.com (sebastien.beau) wrote :

I change the state of this merge as rejected as a new merge have been done based on this work

Unmerged revisions

970. By David BEAL (ak)

[FIX] tool tip

969. By David BEAL (ak)

[FIX] fields name, tool tip

968. By David BEAL (ak)

[IMP] add 'full url' option on the backend

967. By David BEAL (ak)

[IMP] complete htaccess case management, drop unused historic line

966. By David BEAL (ak)

[FIX] replace _get_auth_parameters() by fields in magento.backend

965. By David BEAL (ak)

[FIX] allow to import products with their images when authentif is required like htaccess, e.g. https://myuser:<email address hidden>

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'magentoerpconnect/magento_model.py'
2--- magentoerpconnect/magento_model.py 2013-08-15 08:01:46 +0000
3+++ magentoerpconnect/magento_model.py 2014-04-03 16:28:05 +0000
4@@ -60,7 +60,6 @@
5 return [('1.7', '1.7')]
6
7 def _get_stock_field_id(self, cr, uid, context=None):
8- stock_field = 'virtual_available'
9 field_ids = self.pool.get('ir.model.fields').search(
10 cr, uid,
11 [('model', '=', 'product.product'),
12@@ -73,9 +72,33 @@
13 _select_versions,
14 string='Version',
15 required=True),
16- 'location': fields.char('Location', required=True),
17- 'username': fields.char('Username'),
18- 'password': fields.char('Password'),
19+ 'location': fields.char(
20+ 'Location',
21+ required=True,
22+ help="Url to magento application"),
23+ 'use_custom_api_path': fields.boolean(
24+ 'Use Custom Api Path',
25+ help="The default API path is '/index.php/api/xmlrpc'. "
26+ "Check this box if you use a custom API path, in that case, "
27+ "the location has to be completed with the custom API path "),
28+ 'username': fields.char(
29+ 'Username',
30+ help="Webservice user"),
31+ 'password': fields.char(
32+ 'Password',
33+ help="Webservice password"),
34+ 'display_auth_basic': fields.boolean(
35+ 'Display HTTP Auth Basic',
36+ help="Display Basic Access Authentication is "
37+ "required by some web servers installation \n(see "
38+ "http://en.wikipedia.org/wiki/Basic_access_authentication)"),
39+ 'auth_basic_username': fields.char(
40+ 'Basic Access Auth. Username',
41+ help="Web server side username : \n"
42+ "some web servers may requires basic access authentication"),
43+ 'auth_basic_password': fields.char(
44+ 'Basic Access Auth. Password',
45+ help="Basic access authentication password web server side "),
46 'sale_prefix': fields.char(
47 'Sale Prefix',
48 help="A prefix put before the name of imported sales orders.\n"
49@@ -122,6 +145,8 @@
50
51 _defaults = {
52 'product_stock_field_id': _get_stock_field_id,
53+ 'use_custom_api_path': False,
54+ 'display_auth_basic': False,
55 }
56
57 _sql_constraints = [
58
59=== modified file 'magentoerpconnect/magento_model_view.xml'
60--- magentoerpconnect/magento_model_view.xml 2014-02-07 11:39:12 +0000
61+++ magentoerpconnect/magento_model_view.xml 2014-04-03 16:28:05 +0000
62@@ -115,6 +115,12 @@
63 <field name="product_stock_field_id" widget="selection"
64 domain="[('model', 'in', ['product.product', 'product.template']), ('ttype', '=', 'float')]"/>
65 <field name="catalog_price_tax_included"/>
66+ <field name="use_custom_api_path"/>
67+ <field name="display_auth_basic"/>
68+ <field name="auth_basic_username" colspan="2"
69+ attrs="{'invisible': [('display_auth_basic', '=', False)], 'required': [('display_auth_basic', '=', True)]}"/>
70+ <field name="auth_basic_password" colspan="2"
71+ attrs="{'invisible': [('display_auth_basic', '=', False)], 'required': [('display_auth_basic', '=', True)]}"/>
72 <p attrs="{'invisible': [('catalog_price_tax_included', '=', False)]}">
73 This option should respect the same
74 configuration than Magento. Pay
75
76=== modified file 'magentoerpconnect/product.py'
77--- magentoerpconnect/product.py 2014-01-14 10:41:05 +0000
78+++ magentoerpconnect/product.py 2014-04-03 16:28:05 +0000
79@@ -282,7 +282,14 @@
80 def _get_binary_image(self, image_data):
81 url = image_data['url']
82 try:
83- binary = urllib2.urlopen(url)
84+ request = urllib2.Request(url)
85+ if self.backend_record.auth_basic_username \
86+ and self.backend_record.auth_basic_password:
87+ base64string = base64.encodestring(
88+ '%s:%s' % (self.backend_record.auth_basic_username,
89+ self.backend_record.auth_basic_password))
90+ request.add_header("Authorization", "Basic %s" % base64string)
91+ binary = urllib2.urlopen(request)
92 except urllib2.HTTPError as err:
93 if err.code == 404:
94 # the image is just missing, we skip it
95
96=== modified file 'magentoerpconnect/unit/backend_adapter.py'
97--- magentoerpconnect/unit/backend_adapter.py 2013-06-26 06:36:58 +0000
98+++ magentoerpconnect/unit/backend_adapter.py 2014-04-03 16:28:05 +0000
99@@ -121,11 +121,23 @@
100 """ Delete a record on the external system """
101 raise NotImplementedError
102
103+ def _complete_url(self):
104+ location = self.magento.location
105+ if self.backend_record.auth_basic_username \
106+ and self.backend_record.auth_basic_password:
107+ replacement = self.backend_record.auth_basic_username + ':'
108+ replacement += self.backend_record.auth_basic_password + '@'
109+ location = location.replace('://', '://' + replacement)
110+ return location
111+
112 def _call(self, method, arguments):
113 try:
114- with magentolib.API(self.magento.location,
115+ location = self._complete_url()
116+ full_url = self.backend_record.use_custom_api_path
117+ with magentolib.API(location,
118 self.magento.username,
119- self.magento.password) as api:
120+ self.magento.password,
121+ full_url=full_url) as api:
122 result = api.call(method, arguments)
123 # Uncomment to record requests/responses in ``recorder``
124 # record(method, arguments, result)