Merge pull request OCA#219 from OCA/14.0

Syncing from upstream OCA/server-auth (14.0)

README.md

@@ -21,7 +21,7 @@ addon | version | maintainers | summary
 --- | --- | --- | ---
 [auth_admin_passkey](auth_admin_passkey/) | 14.0.1.0.0 |  | Allows system administrator to authenticate with any account
 [auth_api_key](auth_api_key/) | 14.0.2.1.0 |  | Authenticate http requests from an API key
-[auth_api_key_group](auth_api_key_group/) | 14.0.1.0.1 | [![simahawk](https://github.com/simahawk.png?size=30px)](https://github.com/simahawk) | Allow grouping API keys together. Grouping per se does nothing. This feature is supposed to be used by other modules to limit access to services or records based on groups of keys.
+[auth_api_key_group](auth_api_key_group/) | 14.0.1.1.0 | [![simahawk](https://github.com/simahawk.png?size=30px)](https://github.com/simahawk) | Allow grouping API keys together. Grouping per se does nothing. This feature is supposed to be used by other modules to limit access to services or records based on groups of keys.
 [auth_api_key_server_env](auth_api_key_server_env/) | 14.0.1.1.0 |  | Configure api keys via server env. This can be very useful to avoid mixing your keys between your various environments when restoring databases. All you have to do is to add a new section to your configuration file according to the following convention:
 [auth_dynamic_groups](auth_dynamic_groups/) | 14.0.1.0.0 |  | Have membership conditions for certain groups
 [auth_jwt](auth_jwt/) | 14.0.1.2.0 | [![sbidoul](https://github.com/sbidoul.png?size=30px)](https://github.com/sbidoul) | JWT bearer token authentication.
@@ -30,6 +30,7 @@ addon | version | maintainers | summary
 [auth_oidc](auth_oidc/) | 14.0.1.0.1 | [![sbidoul](https://github.com/sbidoul.png?size=30px)](https://github.com/sbidoul) | Allow users to login through OpenID Connect Provider
 [auth_saml](auth_saml/) | 14.0.1.0.1 |  | Saml2 Authentication
 [auth_session_timeout](auth_session_timeout/) | 14.0.1.0.1 |  | This module disable all inactive sessions since a given delay
+[auth_signup_verify_email](auth_signup_verify_email/) | 14.0.1.0.0 |  | Force uninvited users to use a good email for signup
 [auth_user_case_insensitive](auth_user_case_insensitive/) | 14.0.1.0.0 |  | Makes the user login field case insensitive
 [password_security](password_security/) | 14.0.1.0.0 |  | Allow admin to set password security requirements.
 [user_log_view](user_log_view/) | 14.0.1.0.0 | [![trojikman](https://github.com/trojikman.png?size=30px)](https://github.com/trojikman) | Allow to see user's actions log

auth_api_key_group/README.rst

@@ -7,9 +7,9 @@ Auth API key group
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
-.. |badge1| image:: https://img.shields.io/badge/maturity-Alpha-red.png
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
     :target: https://odoo-community.org/page/development-status
-    :alt: Alpha
+    :alt: Beta
 .. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png
     :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
     :alt: License: LGPL-3
@@ -30,11 +30,6 @@ Allow grouping API keys together.
 Grouping per se does nothing. This feature is supposed to be used by other modules
 to limit access to services or records based on groups of keys.
 
-.. IMPORTANT::
-   This is an alpha version, the data model and design can change at any time without warning.
-   Only for development or testing purpose, do not use in production.
-   `More details on development status <https://odoo-community.org/page/development-status>`_
-
 **Table of contents**
 
 .. contents::

auth_api_key_group/__manifest__.py

@@ -10,8 +10,8 @@
 Grouping per se does nothing. This feature is supposed to be used by other modules
 to limit access to services or records based on groups of keys.
     """,
-    "version": "14.0.1.0.1",
-    "development_status": "Alpha",
+    "version": "14.0.1.1.0",
+    "development_status": "Beta",
     "license": "LGPL-3",
     "website": "https://github.com/OCA/server-auth",
     "author": "Camptcamp,Odoo Community Association (OCA)",

auth_api_key_group/static/description/index.html

@@ -367,16 +367,10 @@ <h1 class="title">Auth API key group</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Alpha" src="https://img.shields.io/badge/maturity-Alpha-red.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/auth_api_key_group"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_api_key_group"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/auth_api_key_group"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_api_key_group"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
 <p>Allow grouping API keys together.</p>
 <p>Grouping per se does nothing. This feature is supposed to be used by other modules
 to limit access to services or records based on groups of keys.</p>
-<div class="admonition important">
-<p class="first admonition-title">Important</p>
-<p class="last">This is an alpha version, the data model and design can change at any time without warning.
-Only for development or testing purpose, do not use in production.
-<a class="reference external" href="https://odoo-community.org/page/development-status">More details on development status</a></p>
-</div>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
 <ul class="simple">

auth_signup_verify_email/README.rst

@@ -0,0 +1,106 @@
+======================
+Verify email at signup
+======================
+
+.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/14.0/auth_signup_verify_email
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_signup_verify_email
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
+    :target: https://runbot.odoo-community.org/runbot/251/14.0
+    :alt: Try me on Runbot
+
+|badge1| |badge2| |badge3| |badge4| |badge5| 
+
+This module extends the functionality of public sign up to force users to
+provide a valid email address.
+
+To achieve this, users are not required to provide a password at
+sign up: they are asked for only at first login attempt.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Installation
+============
+
+* Install `email_validator <https://pypi.org/project/email-validator/>`_
+  with ``pip install email_validator`` or equivalent.
+
+Configuration
+=============
+
+To configure this module, you need to:
+
+* `Properly configure your outgoing email server(s)
+  <https://www.odoo.com/forum/help-1/question/how-to-configure-email-gateway-282#answer_290>`_.
+* Go to *Settings > General Settings -> General settings*, search for
+  the *Users* section and enable *Free sign up* in *Customer account*.
+
+Usage
+=====
+
+To use this module, you need to:
+
+* Log out.
+* `Sign up </web/signup>`_ with a valid email.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_signup_verify_email%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* Antiun Ingeniería S.L.
+* Tecnativa
+
+Contributors
+~~~~~~~~~~~~
+
+* Rafael Blasco <[email protected]>
+* Jairo Llopis <[email protected]>
+* Simone Orsi <[email protected]>
+* Alexandre Díaz <[email protected]>
+* Eugene Molotov <[email protected]>
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/auth_signup_verify_email>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

auth_signup_verify_email/__init__.py

@@ -0,0 +1,4 @@
+# Copyright 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import controllers

auth_signup_verify_email/__manifest__.py

@@ -0,0 +1,17 @@
+# Copyright 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+{
+    "name": "Verify email at signup",
+    "summary": "Force uninvited users to use a good email for signup",
+    "version": "14.0.1.0.0",
+    "category": "Authentication",
+    "website": "https://github.com/OCA/server-auth",
+    "author": "Antiun Ingeniería S.L., "
+    "Tecnativa, "
+    "Odoo Community Association (OCA)",
+    "license": "AGPL-3",
+    "depends": ["auth_signup"],
+    "external_dependencies": {"python": ["lxml", "email_validator"]},
+    "data": ["views/signup.xml"],
+    "installable": True,
+}

auth_signup_verify_email/controllers/__init__.py

@@ -0,0 +1,4 @@
+# Copyright 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import main

auth_signup_verify_email/controllers/main.py

@@ -0,0 +1,80 @@
+# Copyright 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+import logging
+
+from email_validator import EmailSyntaxError, EmailUndeliverableError, validate_email
+
+from odoo import _
+from odoo.http import request, route
+
+from odoo.addons.auth_signup.controllers.main import AuthSignupHome
+
+_logger = logging.getLogger(__name__)
+
+
+class SignupVerifyEmail(AuthSignupHome):
+    @route()
+    def web_auth_signup(self, *args, **kw):
+        if request.params.get("login") and not request.params.get("password"):
+            return self.passwordless_signup()
+        return super().web_auth_signup(*args, **kw)
+
+    def passwordless_signup(self):
+        values = request.params
+        qcontext = self.get_auth_signup_qcontext()
+
+        # Check good format of e-mail
+        try:
+            validate_email(values.get("login", ""))
+        except EmailSyntaxError as error:
+            qcontext["error"] = getattr(
+                error,
+                "message",
+                _("That does not seem to be an email address."),
+            )
+            return request.render("auth_signup.signup", qcontext)
+        except EmailUndeliverableError as error:
+            qcontext["error"] = str(error)
+            return request.render("auth_signup.signup", qcontext)
+        except Exception as error:
+            qcontext["error"] = str(error)
+            return request.render("auth_signup.signup", qcontext)
+        if not values.get("email"):
+            values["email"] = values.get("login")
+
+        # preserve user lang
+        values["lang"] = request.context.get("lang", "")
+
+        # remove values that could raise "Invalid field '*' on model 'res.users'"
+        values.pop("redirect", "")
+        values.pop("token", "")
+
+        # Remove password
+        values["password"] = ""
+        sudo_users = request.env["res.users"].with_context(create_user=True).sudo()
+
+        try:
+            with request.cr.savepoint():
+                sudo_users.signup(values, qcontext.get("token"))
+                sudo_users.reset_password(values.get("login"))
+        except Exception as error:
+            # Duplicate key or wrong SMTP settings, probably
+            _logger.exception(error)
+            if (
+                request.env["res.users"]
+                .sudo()
+                .search([("login", "=", qcontext.get("login"))])
+            ):
+                qcontext["error"] = _(
+                    "Another user is already registered using this email" " address."
+                )
+            else:
+                # Agnostic message for security
+                qcontext["error"] = _(
+                    "Something went wrong, please try again later or" " contact us."
+                )
+            return request.render("auth_signup.signup", qcontext)
+
+        qcontext["message"] = _("Check your email to activate your account!")
+        return request.render("auth_signup.reset_password", qcontext)

auth_signup_verify_email/i18n/ar.po

@@ -0,0 +1,42 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* auth_signup_verify_email
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 13.0\n"
+"Report-Msgid-Bugs-To: \n"
+"PO-Revision-Date: 2021-01-06 13:44+0000\n"
+"Last-Translator: Rachid Al Assir <[email protected]>\n"
+"Language-Team: none\n"
+"Language: ar\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 "
+"&& n%100<=10 ? 3 : n%100>=11 ? 4 : 5;\n"
+"X-Generator: Weblate 4.3.2\n"
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Another user is already registered using this email address."
+msgstr "هنالك مستخدم أخر مسجل بهذا البريد الإلكتروني."
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Check your email to activate your account!"
+msgstr "تحقق من بريدك الإلكتروني لتفعيل حسابك!"
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Something went wrong, please try again later or contact us."
+msgstr "حدث خطأ ما، يرجى المحاولة مرة أخرى لاحقًا أو الاتصال بنا."
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "That does not seem to be an email address."
+msgstr "لا يبدو أن هذا عنوان بريد إلكتروني."

auth_signup_verify_email/i18n/auth_signup_verify_email.pot

@@ -0,0 +1,38 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* auth_signup_verify_email
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 14.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Another user is already registered using this email address."
+msgstr ""
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Check your email to activate your account!"
+msgstr ""
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "Something went wrong, please try again later or contact us."
+msgstr ""
+
+#. module: auth_signup_verify_email
+#: code:addons/auth_signup_verify_email/controllers/main.py:0
+#, python-format
+msgid "That does not seem to be an email address."
+msgstr ""