From 17ae4f6e29c87d052e8e327577eb77032896d63a Mon Sep 17 00:00:00 2001 From: rolandojduartem Date: Fri, 13 Sep 2024 01:04:24 +0000 Subject: [PATCH 1/2] [FIX] auth_session_timeout: add /longpolling/im_status as ignored url auth_session_timeout [1] uses the time of the modification of the session file to calculate the time of inactivity, but any edition in the session file will change the time of modification of the file and cause inexact time of inactivity. The controller /longpolling/im_status is called several times (every 50 seconds) [2][3], so it is required taking it into account to avoid modifying the time of modification of the session file, so it is required adding /longpolling/im_status as a ignored url [4][5]. References: - [1] https://github.com/Oca/server-auth/blob/1db10f29/auth_session_timeout/models/res_users.py#L73 - [2] https://github.com/odoo/odoo/blob/e5b67f9c/addons/mail/static/src/models/partner/partner.js#L395 - [3] https://github.com/odoo/odoo/blob/e5b67f9c/addons/mail/static/src/models/partner/partner.js#L407 - [4] https://github.com/Oca/server-auth/blob/1db10f29/auth_session_timeout/data/ir_config_parameter_data.xml#L12 - [5] https://github.com/Oca/server-auth/blob/1db10f29/auth_session_timeout/models/res_users.py#L93 --- auth_session_timeout/__manifest__.py | 2 +- .../data/ir_config_parameter_data.xml | 4 ++- .../migrations/15.0.1.0.1/post-migration.py | 28 +++++++++++++++++++ 3 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 auth_session_timeout/migrations/15.0.1.0.1/post-migration.py diff --git a/auth_session_timeout/__manifest__.py b/auth_session_timeout/__manifest__.py index e155747d1a..c9a28afbbf 100644 --- a/auth_session_timeout/__manifest__.py +++ b/auth_session_timeout/__manifest__.py @@ -13,7 +13,7 @@ "maintainer": "Odoo Community Association (OCA)", "website": "https://github.com/OCA/server-auth", "category": "Tools", - "version": "15.0.1.0.0", + "version": "15.0.1.0.1", "license": "AGPL-3", "data": ["data/ir_config_parameter_data.xml"], "installable": True, diff --git a/auth_session_timeout/data/ir_config_parameter_data.xml b/auth_session_timeout/data/ir_config_parameter_data.xml index b64c5a8c61..c7dfd81922 100644 --- a/auth_session_timeout/data/ir_config_parameter_data.xml +++ b/auth_session_timeout/data/ir_config_parameter_data.xml @@ -9,6 +9,8 @@ inactive_session_time_out_ignored_url - /calendar/notify,/longpolling/poll + /calendar/notify,/longpolling/poll,/longpolling/im_status diff --git a/auth_session_timeout/migrations/15.0.1.0.1/post-migration.py b/auth_session_timeout/migrations/15.0.1.0.1/post-migration.py new file mode 100644 index 0000000000..b565213e15 --- /dev/null +++ b/auth_session_timeout/migrations/15.0.1.0.1/post-migration.py @@ -0,0 +1,28 @@ +import logging + +from odoo import SUPERUSER_ID, api + +_logger = logging.getLogger(__name__) + + +def migrate(cr, version): + add_controller_to_parameter(cr) + + +def add_controller_to_parameter(cr): + """Add /longpolling/im_status because it is executed several times (every 50 seconds)""" + env = api.Environment(cr, SUPERUSER_ID, {}) + new_url = "/longpolling/im_status" + ignored_path_key = "inactive_session_time_out_ignored_url" + param = env["ir.config_parameter"] + old_value = param.get_param(ignored_path_key, "") + if new_url in old_value: + _logger.info( + "%s is included in the parameter %s already.", new_url, ignored_path_key + ) + return + new_value = "%s,%s" % (old_value, new_url) + param.set_param(ignored_path_key, new_value) + _logger.info( + "%s was added to the parameter %s successfully.", new_url, ignored_path_key + ) From a7f16f6779b9df66611dcc77fab04c355ff7f0d1 Mon Sep 17 00:00:00 2001 From: OCA-git-bot Date: Fri, 13 Sep 2024 21:15:27 +0000 Subject: [PATCH 2/2] [BOT] post-merge updates --- README.md | 2 +- auth_session_timeout/README.rst | 2 +- auth_session_timeout/__manifest__.py | 2 +- auth_session_timeout/static/description/index.html | 14 ++++++++------ 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f6f2877bbb..c9a6267cc2 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ addon | version | maintainers | summary [auth_oauth_multi_token](auth_oauth_multi_token/) | 15.0.1.0.1 | | Allow multiple connection with the same OAuth account [auth_oidc](auth_oidc/) | 15.0.1.1.0 | [![sbidoul](https://github.com/sbidoul.png?size=30px)](https://github.com/sbidoul) | Allow users to login through OpenID Connect Provider [auth_saml](auth_saml/) | 15.0.1.4.4 | [![vincent-hatakeyama](https://github.com/vincent-hatakeyama.png?size=30px)](https://github.com/vincent-hatakeyama) | SAML2 Authentication -[auth_session_timeout](auth_session_timeout/) | 15.0.1.0.0 | | This module disable all inactive sessions since a given delay +[auth_session_timeout](auth_session_timeout/) | 15.0.1.0.2 | | This module disable all inactive sessions since a given delay [auth_signup_partner_company](auth_signup_partner_company/) | 15.0.1.0.0 | | Auth Signup Partner Company [auth_signup_verify_email](auth_signup_verify_email/) | 15.0.1.0.0 | | Force uninvited users to use a good email for signup [auth_user_case_insensitive](auth_user_case_insensitive/) | 15.0.1.0.0 | | Makes the user login field case insensitive diff --git a/auth_session_timeout/README.rst b/auth_session_timeout/README.rst index 7db0ca40fe..a4ac72587d 100644 --- a/auth_session_timeout/README.rst +++ b/auth_session_timeout/README.rst @@ -7,7 +7,7 @@ Inactive Sessions Timeout !! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! source digest: sha256:403ec55d9d4d7286c397a2fbad9b8979776b9d3135281977c144c5659232d2ed + !! source digest: sha256:74d16f19b861bf266d057134134227b2e2b88f91c9e05347399299343d62bc92 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png diff --git a/auth_session_timeout/__manifest__.py b/auth_session_timeout/__manifest__.py index c9a28afbbf..dba4721abe 100644 --- a/auth_session_timeout/__manifest__.py +++ b/auth_session_timeout/__manifest__.py @@ -13,7 +13,7 @@ "maintainer": "Odoo Community Association (OCA)", "website": "https://github.com/OCA/server-auth", "category": "Tools", - "version": "15.0.1.0.1", + "version": "15.0.1.0.2", "license": "AGPL-3", "data": ["data/ir_config_parameter_data.xml"], "installable": True, diff --git a/auth_session_timeout/static/description/index.html b/auth_session_timeout/static/description/index.html index 98ed98fdcd..2913eeca8b 100644 --- a/auth_session_timeout/static/description/index.html +++ b/auth_session_timeout/static/description/index.html @@ -1,4 +1,3 @@ - @@ -9,10 +8,11 @@ /* :Author: David Goodger (goodger@python.org) -:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $ +:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $ :Copyright: This stylesheet has been placed in the public domain. Default cascading style sheet for the HTML output of Docutils. +Despite the name, some widely supported CSS2 features are used. See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to customize this style sheet. @@ -275,7 +275,7 @@ margin-left: 2em ; margin-right: 2em } -pre.code .ln { color: grey; } /* line numbers */ +pre.code .ln { color: gray; } /* line numbers */ pre.code, code { background-color: #eeeeee } pre.code .comment, code .comment { color: #5C6576 } pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold } @@ -301,7 +301,7 @@ span.pre { white-space: pre } -span.problematic { +span.problematic, pre.problematic { color: red } span.section-subtitle { @@ -367,7 +367,7 @@

Inactive Sessions Timeout

!! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -!! source digest: sha256:403ec55d9d4d7286c397a2fbad9b8979776b9d3135281977c144c5659232d2ed +!! source digest: sha256:74d16f19b861bf266d057134134227b2e2b88f91c9e05347399299343d62bc92 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->

Beta License: AGPL-3 OCA/server-auth Translate me on Weblate Try me on Runboat

This module was written to be able to kill(logout) all inactive sessions since @@ -436,7 +436,9 @@

Contributors

Maintainers

This module is maintained by the OCA.

-Odoo Community Association + +Odoo Community Association +

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.