[16.0][ADD] auth_oauth_signup

auth_oauth_signup/README.rst

@@ -0,0 +1,90 @@
+============
+OAuth Signup
+============
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:a2177feb1b18da2333cb08d6343b0ded42c1e56909f3ff8d6cd77d1268c99e50
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/16.0/auth_oauth_signup
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_oauth_signup
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+.. image:: https://img.shields.io/badge/license-AGPL--3-blue.png
+   :target: https://www.gnu.org/licenses/agpl
+   :alt: License: AGPL-3
+
+Enable sign up for users logging in using OAuth2 on a per-provider basis, overriding the global setting.
+
+Without this module, your options are:
+ 1. allow sign up for everyone who can access the login page
+ 2. import users (and provide values for `oauth_provider_id` and `oauth_uid`) before they log in for the first time.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+Go to Settings -> Users & Companies -> OAuth Providers -> <your provider> and click "Allow Signup" to allow sign up
+for your OAuth2 provider's users.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oauth_signup%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* Paja SIA
+
+Contributors
+~~~~~~~~~~~~
+
+* Miku Laitinen <[email protected]>
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/auth_oauth_signup>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

auth_oauth_signup/__init__.py

@@ -0,0 +1,3 @@
+# Copyright 2023 Paja SIA
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+from . import models

auth_oauth_signup/__manifest__.py

@@ -0,0 +1,17 @@
+# Copyright 2023 Paja SIA
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+{
+    "name": "OAuth Signup",
+    "version": "16.0.1.0.0",
+    "website": "https://github.com/OCA/server-auth",
+    "depends": [
+        "auth_oauth",
+    ],
+    "author": "Paja SIA, " "Odoo Community Association (OCA)",
+    "license": "AGPL-3",
+    "summary": "Allow new OAuth2 users to sign up even when global sign up is disabled",
+    "category": "Authentication",
+    "data": [
+        "views/auth_oauth_provider_views.xml",
+    ],
+}

auth_oauth_signup/models/__init__.py

@@ -0,0 +1,4 @@
+# Copyright 2023 Paja SIA
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+from . import auth_oauth_provider
+from . import res_users

auth_oauth_signup/models/auth_oauth_provider.py

@@ -0,0 +1,15 @@
+# Copyright 2023 Paja SIA
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+from odoo import fields, models
+
+
+class AuthOauthProvider(models.Model):
+    _inherit = "auth.oauth.provider"
+
+    allow_signup = fields.Boolean(
+        default=False,
+        help=(
+            "When enabled, new users logging in through this provider for the first time "
+            "are allowed to sign up, even when the global sign up is disabled."
+        ),
+    )

auth_oauth_signup/models/res_users.py

@@ -0,0 +1,36 @@
+# Copyright 2023 Paja SIA
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+
+from odoo import api, models
+
+from odoo.addons.auth_signup.models.res_partner import SignupError
+
+
+class ResUsers(models.Model):
+    _inherit = "res.users"
+
+    @api.model
+    def _signup_create_user(self, values):
+        provider = False
+        oauth_fields = {"oauth_provider_id", "oauth_uid", "oauth_access_token"}
+        if values.keys() & oauth_fields and all(
+            values[oauth_field] for oauth_field in oauth_fields
+        ):
+            provider = self.env["auth.oauth.provider"].browse(
+                values["oauth_provider_id"]
+            )
+
+        try:
+            new_user = super(ResUsers, self)._signup_create_user(values)
+        except SignupError as e:
+            # Slightly dirty, but still cleaner than creating two separate modules
+            # for different scenarios based on whether "website" is installed or not.
+            # The method `_get_signup_invitation_scope` in "website" gets to run first
+            # (unless this module had a dependency to it) and thus never calls super,
+            # so overriding that method would only work if "website" wasn't installed.
+            if provider and provider.allow_signup:
+                new_user = self._create_user_from_template(values)
+            else:
+                raise e
+
+        return new_user

auth_oauth_signup/readme/CONTRIBUTORS.rst

@@ -0,0 +1 @@
+* Miku Laitinen <[email protected]>

auth_oauth_signup/readme/DESCRIPTION.rst

@@ -0,0 +1,9 @@
+.. image:: https://img.shields.io/badge/license-AGPL--3-blue.png
+   :target: https://www.gnu.org/licenses/agpl
+   :alt: License: AGPL-3
+
+Enable sign up for users logging in using OAuth2 on a per-provider basis, overriding the global setting.
+
+Without this module, your options are:
+ 1. allow sign up for everyone who can access the login page
+ 2. import users (and provide values for `oauth_provider_id` and `oauth_uid`) before they log in for the first time.

auth_oauth_signup/readme/USAGE.rst

@@ -0,0 +1,2 @@
+Go to Settings -> Users & Companies -> OAuth Providers -> <your provider> and click "Allow Signup" to allow sign up
+for your OAuth2 provider's users.