Merge lp:~sylvain-legal/server-env-tools/7.0-auth_admin_passkey into lp:~server-env-tools-core-editors/server-env-tools/7.0

Great idea! The code looks good too. Thanks! Compatibility with auth_crypt is important, but if you say it can be done in a glue module we can leave it for someone to make this effort later on.

Thank you very much Sylvain!
And it works on trunk too.

Very useful !

Thanks for your reviews and for your interests.

@Stefan :
Sorry if was not clear : I'm not sure that is possible to do that with a glue module, and how. I just guess !
What I want :
- define in a predictive way the order of the call of the 2 functions : auth_crypt.res_users.check_credentials() and auth_admin_passkey.res_users.check_credentials()

What I know :
1/ I tested my module with 'auth_crypt' and it works depending of installation order (what I wrote in my description) ;
2/ I developed a glue module testing differents thinks like changing order of module in the __openerp__.py 'depends' value, but it didn't seem to work ;

Reference :
[Sep 2009] http://forum.openerp.com/forum/topic12962.html talk about alphabetic order but it contradicts my observation #1 ;
[2013] http://help.openerp.com/question/36392/how-openerp-decides-loading-order-of-modules/ talk about the order in 'depends' value but it contradicts my observation #2 ;

Dependencies tree (for your information) :
base : []
web : []
auth_crypt : ['base']
web_kanban : ['web']
base_setup : ['base', 'web_kanban']
mail : ['base', 'base_setup']
auth_admin_passkey : ['mail']

If somebody knows more about module order and how to manage that case ...

Regards.

Great work!

Nitpicks:

L103: could you add the .pot file?
L254-256: the body header text would be best as a single translatable string
L262: s/"Passkey used"/_("Passkey used")

Some more comments from my side:

Wild idea: in your override of check_credentials, why don't you first check if uid != SUPERUSER_ID and in that case don't call *super* but call self.check_credentials itself with the SUPERUSER_ID argument? This should fix compatibility with any authentication module.

Note that there is a small security risk in sending the emails to the unprivileged user: if such a user happens to have the same password as the administrator (it might just happen), they will receive an email that the adminitrator has logged on as themselves. They may then figure out that their password is the same as the administrator's, and they might then take advantage of that.

l.275: would it maybe make more sense if you check this condition *before* the try block in l.271?

Hi,

@Stefan,
Remarks 1 : I didn't understand what your 'wild' idea can fix. (about possible compatibility problem).

Remarks 2 : Héhé. Yes I thought of that very specific case without solution. I finally found a workaround to manage this case and I'll update the Merge Proposal in a while. (Work in progress again).

Remarks 3 : You're right. MP updated.

@Daniel :
Point 1 : Excuse my basic question but what is the interest to add '.pot' file. (I don't use it in my personal module).
Extra Question : How to generate it ? OpenERP only propose "po" / "csv" and "tgz". ".pot" file seems to be a ".po" file with empty traduction. It isn't ?

Point 2 : My code doesn't manage translation for the mails. (it is written in __openerp__.py), not because I did'nt call "_" function but because I haven't contextual information at this step. So the function "_" will not work. The workaround is to get language of each user. (normal & admin) requesting the database, update twice some context value, call "_" function ... I confess that I am not very motivated to write this code. But it can be the aim of a futur Merge Proposal.

Regards.

Daniel is right, pot file is missing (required as per community guide lines).
you just need to export the .po w/o selecting a specific language, then rename the file as your_module_name.pot and place it into the i18n folder.

Well the problem with auth_crypt is that the inheritance structure can be as follows:

-> auth_crypt -> auth_passkey -> base.

Authentication of regular user account with admin password fails in auth_crypt. Auth_crypt calls super(), which is this module's override. Regular authentication of the user account with the admin password fails. You then call super() with the SUPERUSER_ID which fails because the password is encrypted. If you call self.check_credentials from your self_credentials override, then you pass through auth_crypt again which now succesfully authenticates the administrator account. Or not, but then you don't call self.check_credentials but super instead because uid is already SUPERUSER_ID.

@Stefan (rev65) : (about remark #2) I updated the algorithm to manage the special case where admin and user has the same password. In that case, when the user log in, only admin user will receive a mail to inform him that there is a security lake. Is that OK with you ?

@Davide (rev66) : I added '.pot' file.

@Stefan (rev67) : (about your last comment) Your idea works perfectly. I would never thought of that because I was lost in inheritance. Thanks a lot.

@Daniel (rev68) : I changed the algorithm to manage translatable emails.

I think that's all.

Regards.

Hi Sylvain, another great contribution! Some remarks from a quick scan:

- Typos in description file:

s/Functionnalities/Functionality
s/Technical informations/Technical information

- I'm not sure about putting company information in description. We have author and website fields for that. What others think about it?

- On __init__.py, please use 'from . import xxx' form.

- Please respect PEP8 max line width (79 cols) in res_config.py (maybe with shorter field names).

- You can use self.pool['object.name'] instead of self.pool.get('object.name') to get a shorter form and exact traceback when a model doesn't exist.

-

Hi Pedro,

Thanks for your review.
I did modifications about import & pep8.

About description in __openerp__.py file : In other modules, there is a big header with that kind of informations (company name, date, link to AGPL licences, people who wrote the module).
In my modules, I just put a light header in each file as you seen and put all the information in the description field.
So the number of lines is smaller and information are more visible. for exemple if someone has a question about a module he can contact the authors without downloading the module.

Regards.

Great, thanks!

Correct me if I'm wrong but for license the Preamble is mandatory in each source file

Your headers don't seems compatible with AGPL to me.

http://www.gnu.org/licenses/gpl-faq.html#NoticeInSourceFile
http://www.gnu.org/licenses/gpl-faq.html#GPLOmitPreamble

http://www.gnu.org/licenses/gpl-faq.html#WhyMustIInclude

Hi,

Thanks a lot for your review Yannick and your question.
First, I'm pretty beginner in OpenSource World, and I have no problem with changing the declaration of the copyright.

My point of view is :
- It's a pitty to make more heavy code source with a lot of Copyright code; Sometimes I review MP with 100 lines, but with only "5 functionnal lines";
- As people writing code, I don't like Copy / Paste, duplication, etc. "If you write something twice, write a function" I so consider that it's possible to just put in each file a reference to __openerp__.py file and in __openerp__.py file, just a link to the AGPL licence online; But I'm not a lawyer;
- If the licence / author change, I have to change all my files. It's not very efficient;
- Anyway, the source code is available on launchpad, and all the project is by default on AGPL. (defined here : https://launchpad.net/server-env-tools in License section);
- You say (and it is written in your links) that header is mandatory in each source file but OpenERP SA and Community don't respect that rule. Licence are just written in '.py' file and sometimes in '.js'. But what about 'xml', 'yml' ? There is no licences in this kind of files. But for me data/view/action/menu definitions are part of code.

Would you agree if I put the whole licence in __openerp__.py file and keep references in other files ?

(In any case, I will follow the opinion of the community on this issue.)

Regards.

Hi, Sylvain, I agree with your thoughts about reiteration on license agreement, so I think your initiative looks good to me, but we have to assure that there is no legal hole where somebody can use the software in forms not allowed by AGPL and have legal coverage due to our mistake or not correct burocracy form.

Why don't we get this topic to the community list?

Regards.

Very useful, thanks!

Some remarks though:

Generally, you don't need most of your backslashes (ie when in a bracketed term) - removing them improves readability imho

#30 it's Functionality (-n)
#353 openerp.tools.safe_eval.literal_eval would do the same thing
#388 I guess you want to safe the dependency on email.template here?
#390ff you use multiline strings without actually using them. Why?

Wouldn't it make sense to swap #451 and #454? The usual (and thus the one that should be the fastest) case will be that a user logs in with her own password.

And +1 for including the full license in every file

Hi Holger,

Thanks for your review. In order of your remarks:
- typo changed;

- About 'literal_eval' import, I just copied / pasted some of the code written in the file ./addons/auth_signup/res_users.py. But OK, I changed it.

- About 'email.template'. At the beginning, I just not wanted to manage translation... I added translation following remarks of reviewers. E-mail Template are not very easy to use in that case because I don't have a clear model related to the email_template. I wanna send informations of 'user_agent_env'. I'm not expert with email templates but It seems that I need a related persistent model (I mean, to call $object.xxx). Create a model just for that is a mess. Don't you think ?

- I executed too 'pep8' tool (I just discovered ;-) ) and everything seems correct now.

@Holger, Yannick :
- About Licences & copyright informations, I added them in all files.

@Pedro :
Topic on community list is a good Idea but I don't know very well AGPL concepts and I'm not comfortable speaking in english, so I let the idea to more expert people.

Regards.

How about my only substantial point about swapping #451 and #454?

Concerning the templates: You indeed need a persistent model for that, but in this case, res.users would be just fine I think

...nevermind, I saw you did that already

Hum :

1/ About the swap : Sorry, I did it. rev75 : http://bazaar.launchpad.net/~sylvain-legal/server-env-tools/7.0-auth_admin_passkey/revision/75

2/ About the template, The code sends an email like that :
"""
Admin user used his passkey to login with {login}.

Technicals informations belows :
- Login date : {login_date}
- base_location : {base_location}
- HTTP_HOST : {HTTP_HOST}
- REMOTE_ADDR : {REMOTE_ADDR}"""

(and all technical informations that can be found in 'user_agent_env'.) line #545

In an email template, how can I access to REMOTE_ADDR via res_users object ?
(Sorry if my question is not relevant).

In templates, you have access to the context passed to the send_mail function via the variable ctx, so you could put the extra information there. But well, forget about it, it's too much hassle for an email nobody is ever going to personalize anyways.

@Yannick, @Pedro :
Are you Ok with the changes I did ? If yes, can you update your status ?

@Holger,
Thanks for that information (about ctx access), I didn't know. (And Thanks to Stephan & You about your suggestions to improve algorithm & module compatibility).
Sharing modules takes time but it helps to learn a lot of things.

Regards.

Nice one, very useful to free som memory in our head ;)
Nothing more to say about the code.

Hi, Sylvain, thanks for the changes.

Regards.

Really good idea !
thanks

In translation

> Mot de passe bris de glace

I would write "bris de glace" in quotes or replace it by "d'urgence" ou "de secours" voir "de récupération"

But I don't block the MP for this.

Hi yannick,

Thanks to update your review status. I put quote in the translation file.

@all : 7 approves, Thanks !

Regards.