Initial commit: Security packages

Ernad Husremovic 2025-08-29 15:20:51 +02:00
commit bb469e4763
1399 changed files with 278378 additions and 0 deletions


@ -0,0 +1,106 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<template id="auth_signup.login" inherit_id="web.login" name="Sign up - Reset Password">
<xpath expr="//button[@type='submit']" position="after">
<div class="justify-content-between mt-2 d-flex small">
<a t-if="signup_enabled" t-attf-href="/web/signup?{{ keep_query() }}">Don't have an account?</a>
<a t-if="reset_password_enabled" t-attf-href="/web/reset_password?{{ keep_query() }}">Reset Password</a>
</div>
</xpath>
</template>
<template id="auth_signup.fields" name="Auth Signup/ResetPassword form fields">
<div class="mb-3 field-login">
<label for="login">Your Email</label>
<input type="text" name="login" t-att-value="login" id="login" class="form-control form-control-sm" autofocus="autofocus"
autocapitalize="off" required="required" t-att-readonly="'readonly' if only_passwords else None"/>
</div>
<div class="mb-3 field-name">
<label for="name">Your Name</label>
<input type="text" name="name" t-att-value="name" id="name" class="form-control form-control-sm" placeholder="e.g. John Doe"
required="required" t-att-readonly="'readonly' if only_passwords else None"
t-att-autofocus="'autofocus' if login and not only_passwords else None" />
</div>
<div class="mb-3 field-password pt-2">
<label for="password">Password</label>
<input type="password" name="password" id="password" class="form-control form-control-sm"
required="required" t-att-autofocus="'autofocus' if only_passwords else None"/>
</div>
<div class="mb-3 field-confirm_password">
<label for="confirm_password">Confirm Password</label>
<input type="password" name="confirm_password" id="confirm_password" class="form-control form-control-sm" required="required"/>
</div>
</template>
<template id="auth_signup.signup" name="Sign up login">
<t t-call="web.login_layout">
<form class="oe_signup_form" role="form" method="post" t-if="not message">
<input type="hidden" name="csrf_token" t-att-value="request.csrf_token()"/>
<t t-call="auth_signup.fields">
<t t-set="only_passwords" t-value="bool(token and not invalid_token)"/>
</t>
<p class="alert alert-danger" t-if="error" role="alert">
<t t-esc="error"/>
</p>
<input type="hidden" name="redirect" t-att-value="redirect"/>
<input type="hidden" name="token" t-att-value="token"/>
<div class="text-center oe_login_buttons d-grid pt-3">
<button type="submit" class="btn btn-primary"> Sign up</button>
<a t-attf-href="/web/login?{{ keep_query() }}" class="btn btn-link btn-sm" role="button">Already have an account?</a>
<div class="o_login_auth"/>
</div>
</form>
</t>
</template>
<template id="auth_signup.reset_password" name="Reset password">
<t t-call="web.login_layout">
<div t-if="message" class="oe_login_form clearfix">
<p class="alert alert-success" t-if="message" role="status">
<t t-esc="message"/>
</p>
<a href="/web/login" class="btn btn-link btn-sm float-start" role="button">Back to Login</a>
</div>
<form class="oe_reset_password_form" role="form" method="post" t-if="not message">
<input type="hidden" name="csrf_token" t-att-value="request.csrf_token()"/>
<t t-if="token and not invalid_token">
<t t-call="auth_signup.fields">
<t t-set="only_passwords" t-value="1"/>
</t>
</t>
<t t-if="not token">
<div class="mb-3 field-login">
<label for="login" class="col-form-label">Your Email</label>
<input type="text" name="login" t-att-value="login" id="login" class="form-control"
autofocus="autofocus" required="required" autocapitalize="off"/>
</div>
</t>
<p class="alert alert-danger" t-if="error" role="alert">
<t t-esc="error"/>
</p>
<input type="hidden" name="redirect" t-att-value="redirect"/>
<input type="hidden" name="token" t-att-value="token"/>
<div class="clearfix oe_login_buttons d-grid mt-3">
<button type="submit" class="btn btn-primary">Reset Password</button>
<div class="d-flex justify-content-between align-items-center small mt-2">
<a t-if="not token" t-attf-href="/web/login?{{ keep_query() }}">Back to Login</a>
<a t-if="invalid_token" href="/web/login">Back to Login</a>
</div>
<div class="o_login_auth"/>
</div>
</form>
</t>
</template>
</odoo>
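Review bot: The two password inputs in `auth_signup.fields` (`name="password"` and `name="confirm_password"`) carry no `autocomplete` hint, so a browser or password manager may fill in an existing password or fail to offer to generate and store the new one. I would add `autocomplete="new-password"` to both, and `autocomplete="username"` to the `login` input so the stored credential is tied to the right account. Separately, the hidden `redirect` and `token` fields in `auth_signup.signup` and `auth_signup.reset_password` are rendered from the template context. `t-att-value` escapes them, but the controller that consumes `redirect` is not in this file, so confirm it only accepts same-site targets.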


@ -0,0 +1,45 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<record id="res_config_settings_view_form" model="ir.ui.view">
<field name="name">res.config.settings.view.form.inherit.auth.signup</field>
<field name="model">res.config.settings</field>
<field name="inherit_id" ref="base_setup.res_config_settings_view_form"/>
<field name="arch" type="xml">
<xpath expr="//div[@id='access_rights']" position="before">
<div class="col-12 col-lg-6 o_setting_box"
id="login_documents"
title=" To send invitations in B2B mode, open a contact or select several ones in list view and click on 'Portal Access Management' option in the dropdown menu *Action*.">
<div class="o_setting_left_pane">
</div>
<div class="o_setting_right_pane">
<label for="auth_signup_uninvited"/>
<div class="text-muted">
Let your customers log in to see their documents
</div>
<div class="mt8">
<field name="auth_signup_uninvited" class="o_light_label" widget="radio" options="{'horizontal': true}" required="True"/>
</div>
<div class="content-group" attrs="{'invisible': [('auth_signup_uninvited','=','b2b')]}">
<div class="mt8">
<button type="object" name="action_open_template_user" string="Default Access Rights" icon="fa-arrow-right" class="btn-link"/>
</div>
</div>
</div>
</div>
<div class="col-12 col-lg-6 o_setting_box" id="enable_password_reset">
<div class="o_setting_left_pane">
<field name="auth_signup_reset_password"/>
</div>
<div class="o_setting_right_pane">
<label string="Password Reset" for="auth_signup_reset_password"/>
<div class="text-muted">
Enable password reset from Login page
</div>
</div>
</div>
</xpath>
</field>
</record>
</odoo>
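Review bot: The help text under `auth_signup_uninvited` ("Let your customers log in to see their documents") does not tell the administrator that, judging by the field name, this radio decides whether uninvited visitors can create accounts themselves. I would reword it to state the consequence of each choice and to point at the "Default Access Rights" button, which presumably configures the rights self-registered accounts start with. The option labels and `action_open_template_user` are defined outside this file, so check the wording against them. Minor: the `title` on `login_documents` begins with a stray space.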


@ -0,0 +1,57 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<record id="res_users_view_form" model="ir.ui.view">
<field name="name">res.users.form.inherit</field>
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_form"/>
<field name="arch" type="xml">
<!-- add state field in header -->
<xpath expr="//header" position="inside">
<button string="Send Password Reset Instructions"
type="object" name="action_reset_password"
attrs="{'invisible': [('state', '!=', 'active')]}"/>
<button string="Send an Invitation Email"
type="object" name="action_reset_password" context="{'create_user': 1}"
attrs="{'invisible': [('state', '!=', 'new')]}"/>
<field name="state" widget="statusbar"/>
</xpath>
<xpath expr="//sheet" position="before">
<div class="alert alert-success text-center o_form_header alert-dismissible" attrs="{'invisible': [('signup_valid', '!=', True)]}" role="status">
<button class="btn-close" data-bs-dismiss="alert" aria-label="Close"/>
<div attrs="{'invisible': [('state', '!=', 'active')]}">
<strong>A password reset has been requested for this user. An email containing the following link has been sent:</strong>
</div>
<div attrs="{'invisible': [('state', '!=', 'new')]}">
<strong>An invitation email containing the following subscription link has been sent:</strong>
</div>
<div><field name="signup_url" widget="url"/></div>
<field name="signup_valid" invisible="1"/>
</div>
</xpath>
</field>
</record>
<record id="view_users_state_tree" model="ir.ui.view">
<field name="name">res.users.tree.inherit</field>
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_tree"/>
<field name="arch" type="xml">
<xpath expr="//field[@name='company_id']" position="after">
<field name="state" widget="badge"
decoration-info="state == 'new'" decoration-success="state == 'active'"/>
</xpath>
</field>
</record>
<record id="action_send_password_reset_instructions" model="ir.actions.server">
<field name="name">Send Password Reset Instructions</field>
<field name="model_id" ref="base.model_res_users"/>
<field name="groups_id" eval="[(4, ref('base.group_erp_manager'))]"/>
<field name="binding_model_id" ref="base.model_res_users" />
<field name="state">code</field>
<field name="code">records.action_reset_password()</field>
</record>
</odoo>
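Review bot: The `signup_url` field in the banner inserted before `//sheet` has no `groups` attribute, so the view shows the link the banner text describes as the password-reset or invitation link to anyone who can open this user form while `signup_valid` is true. I would restrict it in the view, e.g. `<field name="signup_url" widget="url" groups="base.group_erp_manager"/>`, matching the group already required by `action_send_password_reset_instructions`. The two header buttons calling `action_reset_password` are likewise unrestricted in the view. Whether the model enforces access for the field and the method is not visible in this file and should be confirmed. The comment `<!-- add state field in header -->` also understates the block, which adds both buttons as well.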


@ -0,0 +1,16 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<template id="login_successful" inherit_id="web.login_successful">
<xpath expr="//div[hasclass('oe_login_form')]/p" position="before">
<p class="alert alert-success" t-if="account_created" role="status">
Registration successful.
</p>
<!-- Remove parameter from URL, do not show "Account created" if page is refreshed -->
<script defer="defer" type="text/javascript">
window.history.replaceState({}, null, '/web/login_successful');
</script>
</xpath>
</template>
</odoo>
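Review bot: The inline `<script>` is emitted on every render of `login_successful`, not only when `account_created` is set, and it rewrites the URL to a bare `/web/login_successful`, discarding any other query parameters. Adding `t-if="account_created"` to the `<script>` element would limit it to the case the comment describes. Being an inline script, it will also be blocked under a Content-Security-Policy that disallows inline scripts unless a nonce or hash is supplied, so moving the call into a bundled asset is worth considering if such a policy is planned.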