From c0bffd15a1d26927d61055f3388bc3fd6a86381a Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Fri, 12 Mar 2021 14:02:30 +0100
Subject: [PATCH 01/71] Add vault and vault_share module

Fix website in manifest

Run pre-commit

Move models to own files. Apply OCA conventions

Remove logging causing the tests to fail

Add application icon

Split models into files. Use lambda for defaults

Add icon to menuitem

Use lambda as suggested

Add missing keepass lib

Show information if user lacks public key

Add note about no https

Fix domain for user_id in send wizard. Add permanent note to wizard
---
 vault/TECHNICAL.rst                           | 143 +++++
 vault/__init__.py                             |   4 +
 vault/__manifest__.py                         |  34 ++
 vault/controllers/__init__.py                 |   4 +
 vault/controllers/main.py                     | 104 ++++
 vault/models/__init__.py                      |  17 +
 vault/models/abstract_vault.py                |  67 ++
 vault/models/abstract_vault_field.py          |  56 ++
 vault/models/res_users.py                     |  64 ++
 vault/models/res_users_key.py                 |  75 +++
 vault/models/vault.py                         | 158 +++++
 vault/models/vault_entry.py                   | 132 ++++
 vault/models/vault_field.py                   |  17 +
 vault/models/vault_file.py                    |  17 +
 vault/models/vault_inbox.py                   |  92 +++
 vault/models/vault_log.py                     |  46 ++
 vault/models/vault_right.py                   | 100 +++
 vault/models/vault_tag.py                     |  16 +
 vault/readme/CONTRIBUTORS.rst                 |   1 +
 vault/readme/DESCRIPTION.rst                  |   3 +
 vault/readme/ROADMAP.rst                      |   8 +
 vault/security/ir.model.access.csv            |  15 +
 vault/security/ir_rule.xml                    |  88 +++
 vault/static/description/icon.png             | Bin 0 -> 2287 bytes
 vault/static/lib/kdbxweb/kdbxweb.min.js       |   2 +
 vault/static/src/js/user_menu.js              |  26 +
 vault/static/src/js/vault.js                  | 411 +++++++++++++
 vault/static/src/js/vault_controller.js       | 350 +++++++++++
 vault/static/src/js/vault_export.js           | 134 ++++
 vault/static/src/js/vault_import.js           | 259 ++++++++
 vault/static/src/js/vault_inbox.js            |  78 +++
 vault/static/src/js/vault_utils.js            | 577 ++++++++++++++++++
 vault/static/src/js/vault_widget.js           | 544 +++++++++++++++++
 vault/static/src/scss/vault.scss              |   7 +
 vault/static/src/xml/templates.xml            | 178 ++++++
 vault/static/tests/vault_tests.js             | 209 +++++++
 vault/tests/__init__.py                       |   4 +
 vault/tests/test_inbox.py                     | 115 ++++
 vault/tests/test_log.py                       |  41 ++
 vault/tests/test_rights.py                    | 128 ++++
 vault/tests/test_user.py                      |  29 +
 vault/tests/test_vault.py                     | 131 ++++
 vault/tests/test_widgets.py                   | 156 +++++
 vault/views/assets.xml                        |  37 ++
 vault/views/menuitems.xml                     |  57 ++
 vault/views/res_users_views.xml               |  71 +++
 vault/views/templates.xml                     |  91 +++
 vault/views/vault_entry_views.xml             | 150 +++++
 vault/views/vault_field_views.xml             |  36 ++
 vault/views/vault_file_views.xml              |  36 ++
 vault/views/vault_inbox_views.xml             |  42 ++
 vault/views/vault_log_views.xml               |  18 +
 vault/views/vault_right_views.xml             |  70 +++
 vault/views/vault_views.xml                   | 104 ++++
 vault/wizards/__init__.py                     |   9 +
 vault/wizards/vault_export_wizard.py          |  63 ++
 vault/wizards/vault_export_wizard.xml         |  29 +
 vault/wizards/vault_import_wizard.py          | 134 ++++
 vault/wizards/vault_import_wizard.xml         |  53 ++
 vault/wizards/vault_send_wizard.py            |  51 ++
 vault/wizards/vault_send_wizard.xml           |  35 ++
 vault/wizards/vault_store_wizard.py           |  47 ++
 vault/wizards/vault_store_wizard.xml          |  39 ++
 vault_share/__init__.py                       |   4 +
 vault_share/__manifest__.py                   |  24 +
 vault_share/controllers/__init__.py           |   4 +
 vault_share/controllers/main.py               |  34 ++
 vault_share/data/ir_cron.xml                  |  13 +
 vault_share/models/__init__.py                |   4 +
 vault_share/models/vault_share.py             |  72 +++
 vault_share/readme/CONTRIBUTORS.rst           |   1 +
 vault_share/readme/DESCRIPTION.rst            |   6 +
 vault_share/security/ir.model.access.csv      |   2 +
 vault_share/security/ir_rule.xml              |  12 +
 vault_share/static/description/icon.png       | Bin 0 -> 2287 bytes
 vault_share/static/src/js/vault_fields.js     |  55 ++
 vault_share/static/src/js/vault_share.js      |  56 ++
 .../static/src/js/vault_share_widget.js       | 355 +++++++++++
 vault_share/static/src/js/vault_utils.js      |  19 +
 vault_share/static/src/scss/vault_share.scss  |   3 +
 vault_share/static/src/xml/templates.xml      |  48 ++
 vault_share/tests/__init__.py                 |   4 +
 vault_share/tests/test_share.py               |  44 ++
 vault_share/views/assets.xml                  |  32 +
 vault_share/views/menuitems.xml               |  16 +
 vault_share/views/templates.xml               |  44 ++
 vault_share/views/vault_share_views.xml       |  39 ++
 87 files changed, 6703 insertions(+)
 create mode 100644 vault/TECHNICAL.rst
 create mode 100644 vault/__init__.py
 create mode 100644 vault/__manifest__.py
 create mode 100644 vault/controllers/__init__.py
 create mode 100644 vault/controllers/main.py
 create mode 100644 vault/models/__init__.py
 create mode 100644 vault/models/abstract_vault.py
 create mode 100644 vault/models/abstract_vault_field.py
 create mode 100644 vault/models/res_users.py
 create mode 100644 vault/models/res_users_key.py
 create mode 100644 vault/models/vault.py
 create mode 100644 vault/models/vault_entry.py
 create mode 100644 vault/models/vault_field.py
 create mode 100644 vault/models/vault_file.py
 create mode 100644 vault/models/vault_inbox.py
 create mode 100644 vault/models/vault_log.py
 create mode 100644 vault/models/vault_right.py
 create mode 100644 vault/models/vault_tag.py
 create mode 100644 vault/readme/CONTRIBUTORS.rst
 create mode 100644 vault/readme/DESCRIPTION.rst
 create mode 100644 vault/readme/ROADMAP.rst
 create mode 100644 vault/security/ir.model.access.csv
 create mode 100644 vault/security/ir_rule.xml
 create mode 100644 vault/static/description/icon.png
 create mode 100644 vault/static/lib/kdbxweb/kdbxweb.min.js
 create mode 100644 vault/static/src/js/user_menu.js
 create mode 100644 vault/static/src/js/vault.js
 create mode 100644 vault/static/src/js/vault_controller.js
 create mode 100644 vault/static/src/js/vault_export.js
 create mode 100644 vault/static/src/js/vault_import.js
 create mode 100644 vault/static/src/js/vault_inbox.js
 create mode 100644 vault/static/src/js/vault_utils.js
 create mode 100644 vault/static/src/js/vault_widget.js
 create mode 100644 vault/static/src/scss/vault.scss
 create mode 100644 vault/static/src/xml/templates.xml
 create mode 100644 vault/static/tests/vault_tests.js
 create mode 100644 vault/tests/__init__.py
 create mode 100644 vault/tests/test_inbox.py
 create mode 100644 vault/tests/test_log.py
 create mode 100644 vault/tests/test_rights.py
 create mode 100644 vault/tests/test_user.py
 create mode 100644 vault/tests/test_vault.py
 create mode 100644 vault/tests/test_widgets.py
 create mode 100644 vault/views/assets.xml
 create mode 100644 vault/views/menuitems.xml
 create mode 100644 vault/views/res_users_views.xml
 create mode 100644 vault/views/templates.xml
 create mode 100644 vault/views/vault_entry_views.xml
 create mode 100644 vault/views/vault_field_views.xml
 create mode 100644 vault/views/vault_file_views.xml
 create mode 100644 vault/views/vault_inbox_views.xml
 create mode 100644 vault/views/vault_log_views.xml
 create mode 100644 vault/views/vault_right_views.xml
 create mode 100644 vault/views/vault_views.xml
 create mode 100644 vault/wizards/__init__.py
 create mode 100644 vault/wizards/vault_export_wizard.py
 create mode 100644 vault/wizards/vault_export_wizard.xml
 create mode 100644 vault/wizards/vault_import_wizard.py
 create mode 100644 vault/wizards/vault_import_wizard.xml
 create mode 100644 vault/wizards/vault_send_wizard.py
 create mode 100644 vault/wizards/vault_send_wizard.xml
 create mode 100644 vault/wizards/vault_store_wizard.py
 create mode 100644 vault/wizards/vault_store_wizard.xml
 create mode 100644 vault_share/__init__.py
 create mode 100644 vault_share/__manifest__.py
 create mode 100644 vault_share/controllers/__init__.py
 create mode 100644 vault_share/controllers/main.py
 create mode 100644 vault_share/data/ir_cron.xml
 create mode 100644 vault_share/models/__init__.py
 create mode 100644 vault_share/models/vault_share.py
 create mode 100644 vault_share/readme/CONTRIBUTORS.rst
 create mode 100644 vault_share/readme/DESCRIPTION.rst
 create mode 100644 vault_share/security/ir.model.access.csv
 create mode 100644 vault_share/security/ir_rule.xml
 create mode 100644 vault_share/static/description/icon.png
 create mode 100644 vault_share/static/src/js/vault_fields.js
 create mode 100644 vault_share/static/src/js/vault_share.js
 create mode 100644 vault_share/static/src/js/vault_share_widget.js
 create mode 100644 vault_share/static/src/js/vault_utils.js
 create mode 100644 vault_share/static/src/scss/vault_share.scss
 create mode 100644 vault_share/static/src/xml/templates.xml
 create mode 100644 vault_share/tests/__init__.py
 create mode 100644 vault_share/tests/test_share.py
 create mode 100644 vault_share/views/assets.xml
 create mode 100644 vault_share/views/menuitems.xml
 create mode 100644 vault_share/views/templates.xml
 create mode 100644 vault_share/views/vault_share_views.xml

diff --git a/vault/TECHNICAL.rst b/vault/TECHNICAL.rst
new file mode 100644
index 0000000000..4a5456445d
--- /dev/null
+++ b/vault/TECHNICAL.rst
@@ -0,0 +1,143 @@
+::
+
+  ┌───────┐ ┏━━━━━━━━━━━━━┓ ╔═══════════╗
+  │ input │ ┃ unencrypted ┃ ║ encrypted ║
+  └───────┘ ┗━━━━━━━━━━━━━┛ ╚═══════════╝
+
+Vault
+=====
+
+Each vault stores entries with enrypted fields and files in a tree like structure. The access is controlled per vault. Every added user can read the secrets of a vault. Otherwise the users can receive permission to share the vault with other users, to write secrets in the vault, or to delete entries of the vault. The databases stores the public and password protected private key of each user. The password used for the private key is derived from a password entered by the user and should be different than the password used for the login. Keep in mind that the meta information like field name or file names aren't encrypted.
+
+Shared-key encryption
+=====================
+
+To be able to securely share sensitive data between all users a shared-key encryption is used. All users share a common secret for each vault. This secret is encrypted by the public key of each user to grant access to the user by using the private key to restore the secret.
+
+Encryption of master key
+------------------------
+
+::
+
+  .                   ┏━━━━━━━━━━━━┓
+                      ┃ Master key ┃
+                      ┗━━━━━━━━━━━━┛
+  ┏━━━━━━━━━━━━━━━━━┓       ┃
+  ┃ User            ┃       ▼
+  ┃                 ┃   ┏━━━━━━━━━┓
+  ┃ ┏━━━━━━━━━━━━━┓ ┃   ┃ encrypt ┃      ╔════════════╗
+  ┃ ┃ Public key  ┃━━━━▶┃ (RSA)   ┃━━━━━▶║ Master key ║
+  ┃ ┗━━━━━━━━━━━━━┛ ┃   ┗━━━━━━━━━┛      ╚════════════╝
+  ┃ ╔═════════════╗ ┃
+  ┃ ║ Private key ║ ┃
+  ┃ ╚═════════════╝ ┃
+  ┗━━━━━━━━━━━━━━━━━┛
+
+Decryption of master key
+------------------------
+
+::
+
+  .   ┌──────────┐     ┏━━━━━━━━━━┓
+      │ Password │━━━━▶┃ derive   ┃
+      └──────────┘     ┃ (PBKDF2) ┃
+                       ┗━━━━━━━━━━┛
+                            ┃
+  ┏━━━━━━━━━━━━━━━━━┓       ▼                          ╔════════════╗
+  ┃ User            ┃  ┏━━━━━━━━━━┓                    ║ Master key ║
+  ┃                 ┃  ┃ Password ┃                    ╚════════════╝
+  ┃ ┏━━━━━━━━━━━━━┓ ┃  ┗━━━━━━━━━━┛                          ┃
+  ┃ ┃ Public key  ┃ ┃       ┃                                ▼
+  ┃ ┗━━━━━━━━━━━━━┛ ┃       ▼                           ┏━━━━━━━━━┓
+  ┃ ╔═════════════╗ ┃   ┏━━━━━━━━┓   ┏━━━━━━━━━━━━━┓    ┃ decrypt ┃      ┏━━━━━━━━━━━━┓
+  ┃ ║ Private key ║━━━━━┃ unlock ┃━━▶┃ Private key ┃━━━▶┃ (RSA)   ┃━━━━━▶┃ Master key ┃
+  ┃ ╚═════════════╝ ┃   ┗━━━━━━━━┛   ┗━━━━━━━━━━━━━┛    ┗━━━━━━━━━┛      ┗━━━━━━━━━━━━┛
+  ┗━━━━━━━━━━━━━━━━━┛
+
+Symmetric encryption of the data
+================================
+
+The symmetric cipher AES is used with the common master key to encrypt/decrypt the secrets of the vaults. The encryption parameter and encrypted data is stored in the database while everything else happens in the browser.
+
+Encryption of data
+------------------
+
+::
+
+  .               ┏━━━━━━━━━━━━┓
+                  ┃ Master key ┃
+                  ┗━━━━━━━━━━━━┛
+                        ┃        ┏━━━━━━━━━━━━━━━━━━┓
+                        ▼        ┃ Database         ┃
+                   ┏━━━━━━━━━┓   ┃                  ┃
+  ┏━━━━━━━━━━━━┓   ┃ encrypt ┃   ┃╔════════════════╗┃
+  ┃ Plain text ┃━━▶┃ (AES)   ┃━━━▶║ Encrypted data ║┃
+  ┗━━━━━━━━━━━━┛   ┗━━━━━━━━━┛   ┃╚════════════════╝┃
+                        ┃        ┃┏━━━━━━━━━━━━━━━━┓┃
+                        ┗━━━━━━━━▶┃ Parameters     ┃┃
+                                 ┃┗━━━━━━━━━━━━━━━━┛┃
+                                 ┗━━━━━━━━━━━━━━━━━━┛
+
+Decryption of data
+------------------
+
+::
+
+  .                    ┏━━━━━━━━━━━━┓
+                       ┃ Master key ┃
+                       ┗━━━━━━━━━━━━┛
+  ┏━━━━━━━━━━━━━━━━━━┓       ┃
+  ┃ Database         ┃       ▼
+  ┃                  ┃   ┏━━━━━━━━━┓
+  ┃╔════════════════╗┃   ┃ decrypt ┃   ┏━━━━━━━━━━━━┓
+  ┃║ Encrypted data ║━━━▶┃ (AES)   ┃━━▶┃ Plain text ┃
+  ┃╚════════════════╝┃   ┗━━━━━━━━━┛   ┗━━━━━━━━━━━━┛
+  ┃┏━━━━━━━━━━━━━━━━┓┃       ▲
+  ┃┃ Parameters     ┃━━━━━━━━┛
+  ┃┗━━━━━━━━━━━━━━━━┛┃
+  ┗━━━━━━━━━━━━━━━━━━┛
+
+Inbox
+=====
+
+This allows an user to receive encrypted secrets by external or internal Odoo users. External users have to use either the owner specific inbox link from his preferences or the link of an already created inbox. The value is symmetrically encrypted. The key for the encryption is wrapped with the public key of the user of the inbox to grant the user the access to the key. Internal users can directly send a secret from a vault entry to another user who has enabled this feature. If a direct link is used the access counter and expiration time can block an overwrite.
+
+Encryption of inbox
+-------------------
+
+::
+
+  .                   ┏━━━━━━━━━━━━┓
+                      ┃ Plain data ┃
+                      ┗━━━━━━━━━━━━┛
+  ┏━━━━━━━━━━━━━━━━━┓       ┃
+  ┃ User            ┃       ▼
+  ┃                 ┃   ┏━━━━━━━━━┓
+  ┃ ┏━━━━━━━━━━━━━┓ ┃   ┃ encrypt ┃      ╔════════════════╗
+  ┃ ┃ Public key  ┃━━━━▶┃ (RSA)   ┃━━━━━▶║ Encrypted data ║
+  ┃ ┗━━━━━━━━━━━━━┛ ┃   ┗━━━━━━━━━┛      ╚════════════════╝
+  ┃ ╔═════════════╗ ┃
+  ┃ ║ Private key ║ ┃
+  ┃ ╚═════════════╝ ┃
+  ┗━━━━━━━━━━━━━━━━━┛
+
+Decryption of inbox
+-------------------
+
+::
+
+  .   ┌──────────┐     ┏━━━━━━━━━━┓
+      │ Password │━━━━▶┃ derive   ┃
+      └──────────┘     ┃ (PBKDF2) ┃
+                       ┗━━━━━━━━━━┛
+                            ┃
+  ┏━━━━━━━━━━━━━━━━━┓       ▼                        ╔════════════════╗
+  ┃ User            ┃  ┏━━━━━━━━━━┓                  ║ Encrypted data ║
+  ┃                 ┃  ┃ Password ┃                  ╚════════════════╝
+  ┃ ┏━━━━━━━━━━━━━┓ ┃  ┗━━━━━━━━━━┛                          ┃
+  ┃ ┃ Public key  ┃ ┃       ┃                                ▼
+  ┃ ┗━━━━━━━━━━━━━┛ ┃       ▼                           ┏━━━━━━━━━┓
+  ┃ ╔═════════════╗ ┃   ┏━━━━━━━━┓   ┏━━━━━━━━━━━━━┓    ┃ decrypt ┃      ┏━━━━━━━━━━━━┓
+  ┃ ║ Private key ║━━━━━┃ unlock ┃━━▶┃ Private key ┃━━━▶┃ (RSA)   ┃━━━━━▶┃ Plain data ┃
+  ┃ ╚═════════════╝ ┃   ┗━━━━━━━━┛   ┗━━━━━━━━━━━━━┛    ┗━━━━━━━━━┛      ┗━━━━━━━━━━━━┛
+  ┗━━━━━━━━━━━━━━━━━┛
diff --git a/vault/__init__.py b/vault/__init__.py
new file mode 100644
index 0000000000..843ac90a95
--- /dev/null
+++ b/vault/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import controllers, models, wizards
diff --git a/vault/__manifest__.py b/vault/__manifest__.py
new file mode 100644
index 0000000000..9154b86381
--- /dev/null
+++ b/vault/__manifest__.py
@@ -0,0 +1,34 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Vault",
+    "summary": "Password vault integration in Odoo",
+    "license": "AGPL-3",
+    "version": "14.0.1.5.0",
+    "website": "https://github.com/OCA/server-auth",
+    "application": True,
+    "author": "initOS GmbH, Odoo Community Association (OCA)",
+    "category": "Vault",
+    "depends": ["web"],
+    "data": [
+        "security/ir.model.access.csv",
+        "security/ir_rule.xml",
+        "views/assets.xml",
+        "views/res_users_views.xml",
+        "views/vault_entry_views.xml",
+        "views/vault_field_views.xml",
+        "views/vault_file_views.xml",
+        "views/vault_log_views.xml",
+        "views/vault_inbox_views.xml",
+        "views/vault_right_views.xml",
+        "views/vault_views.xml",
+        "views/menuitems.xml",
+        "views/templates.xml",
+        "wizards/vault_export_wizard.xml",
+        "wizards/vault_import_wizard.xml",
+        "wizards/vault_send_wizard.xml",
+        "wizards/vault_store_wizard.xml",
+    ],
+    "qweb": ["static/src/xml/templates.xml"],
+}
diff --git a/vault/controllers/__init__.py b/vault/controllers/__init__.py
new file mode 100644
index 0000000000..aabfa83edd
--- /dev/null
+++ b/vault/controllers/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import main
diff --git a/vault/controllers/main.py b/vault/controllers/main.py
new file mode 100644
index 0000000000..3338ad5426
--- /dev/null
+++ b/vault/controllers/main.py
@@ -0,0 +1,104 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, http
+from odoo.http import request
+
+_logger = logging.getLogger(__name__)
+
+
+class Controller(http.Controller):
+    @http.route("/vault/inbox/<string:token>", type="http", auth="public")
+    def vault_inbox(self, token):
+        ctx = {"disable_footer": True, "token": token}
+        # Find the right token
+        inbox = request.env["vault.inbox"].sudo().find_inbox(token)
+        user = request.env["res.users"].sudo().find_user_of_inbox(token)
+        _logger.info("%s: %s", inbox, user)
+        if len(inbox) == 1 and inbox.accesses > 0:
+            ctx.update({"name": inbox.name, "public": inbox.user_id.active_key.public})
+        elif len(inbox) == 0 and len(user) == 1:
+            ctx["public"] = user.active_key.public
+
+        # A valid token would mean we found a public key
+        if not ctx.get("public"):
+            ctx["error"] = _("Invalid token")
+            return request.render("vault.inbox", ctx)
+
+        # Just render if GET method
+        if request.httprequest.method != "POST":
+            return request.render("vault.inbox", ctx)
+
+        # Check the param
+        name = request.params.get("name")
+        secret = request.params.get("encrypted")
+        secret_file = request.params.get("encrypted_file")
+        filename = request.params.get("filename")
+        iv = request.params.get("iv")
+        key = request.params.get("key")
+        if not name:
+            ctx["error"] = _("Please specify a name")
+            return request.render("vault.inbox", ctx)
+
+        if not secret and not secret_file:
+            ctx["error"] = _("No secret found")
+            return request.render("vault.inbox", ctx)
+
+        if secret_file and not filename:
+            ctx["error"] = _("Missing filename")
+            return request.render("vault.inbox", ctx)
+
+        if not iv or not key:
+            ctx["error"] = _("Something went wrong with the encryption")
+            return request.render("vault.inbox", ctx)
+
+        try:
+            inbox.store_in_inbox(name, secret, secret_file, iv, key, user, filename)
+        except Exception as e:
+            _logger.exception(e)
+            ctx["error"] = _(
+                "An error occured. Please contact the user or administrator"
+            )
+            return request.render("vault.inbox", ctx)
+
+        ctx["message"] = _("Successfully stored")
+        return request.render("vault.inbox", ctx)
+
+    @http.route("/vault/public", type="json")
+    def vault_public(self, user_id):
+        """ Get the public key of a specific user """
+        user = request.env["res.users"].sudo().browse(user_id).exists()
+        if not user or not user.keys:
+            return {}
+
+        return {"public_key": user.active_keys.public}
+
+    @http.route("/vault/keys/store", auth="user", type="json")
+    def vault_store_keys(self, **kwargs):
+        """ Store the key pair for the current user """
+        return request.env["res.users.key"].store(**kwargs)
+
+    @http.route("/vault/keys/get", auth="user", type="json")
+    def vault_get_keys(self):
+        """ Get the currently active key pair """
+        return request.env.user.get_vault_keys()
+
+    @http.route("/vault/rights/get", auth="user", type="json")
+    def vault_get_right_keys(self):
+        """ Get the master keys from the vault.right records """
+        rights = request.env.user.vault_right_ids
+        return {right.vault_id.uuid: right.key for right in rights}
+
+    @http.route("/vault/rights/store", auth="user", type="json")
+    def vault_store_right_keys(self, keys):
+        """ Store the master keys to the specific vault.right records """
+        if not isinstance(keys, dict):
+            return
+
+        for right in request.env.user.vault_right_ids:
+            master_key = keys.get(right.vault_id.uuid)
+
+            if isinstance(master_key, str):
+                right.key = master_key
diff --git a/vault/models/__init__.py b/vault/models/__init__.py
new file mode 100644
index 0000000000..492cc527a4
--- /dev/null
+++ b/vault/models/__init__.py
@@ -0,0 +1,17 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import (
+    abstract_vault,
+    abstract_vault_field,
+    res_users,
+    res_users_key,
+    vault,
+    vault_entry,
+    vault_field,
+    vault_file,
+    vault_inbox,
+    vault_log,
+    vault_right,
+    vault_tag,
+)
diff --git a/vault/models/abstract_vault.py b/vault/models/abstract_vault.py
new file mode 100644
index 0000000000..4e63e10b93
--- /dev/null
+++ b/vault/models/abstract_vault.py
@@ -0,0 +1,67 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, api, models
+from odoo.exceptions import AccessError
+
+_logger = logging.getLogger(__name__)
+
+
+class AbstractVault(models.AbstractModel):
+    """Models must have the following fields:
+    `perm_user`: The permissions are computed for this user
+    `allowed_write`: The current user can read from the vault
+    `allowed_write`: The current user has write access to the vault
+    `allowed_share`: The current user can share the vault with other users
+    `allowed_delete`: The current user can delete the vault or entries of it
+    """
+
+    _name = "vault.abstract"
+    _description = _("Abstract model to implement general access rights")
+
+    @api.model
+    def raise_access_error(self):
+        raise AccessError(
+            _(
+                "The requested operation can not be completed due to security "
+                "restrictions."
+            )
+        )
+
+    def check_access_rule(self, operation):
+        super().check_access_rule(operation)
+
+        if self.env.su:
+            return
+
+        # We have to recompute if the user of the environment changed
+        if self.env.user != self.mapped("perm_user"):
+            vault = self if self._name == "vault" else self.mapped("vault_id")
+            vault._compute_access()
+
+        # Check the operation and matching permissions
+        if operation == "read" and not self.filtered("allowed_read"):
+            self.raise_access_error()
+
+        if operation == "write" and not self.filtered("allowed_write"):
+            self.raise_access_error()
+
+        if operation == "unlink" and not self.filtered("allowed_delete"):
+            self.raise_access_error()
+
+    def _log_entry(self, msg, state):
+        raise NotImplementedError()
+
+    def log_entry(self, msg):
+        return self._log_entry(msg, None)
+
+    def log_info(self, msg):
+        return self._log_entry(msg, "info")
+
+    def log_warn(self, msg):
+        return self._log_entry(msg, "warn")
+
+    def log_error(self, msg):
+        return self._log_entry(msg, "error")
diff --git a/vault/models/abstract_vault_field.py b/vault/models/abstract_vault_field.py
new file mode 100644
index 0000000000..bb062c90a7
--- /dev/null
+++ b/vault/models/abstract_vault_field.py
@@ -0,0 +1,56 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class AbstractVaultField(models.AbstractModel):
+    _name = "vault.abstract.field"
+    _description = _("Abstract model to implement basic fields for encryption")
+
+    entry_id = fields.Many2one("vault.entry", ondelete="cascade", required=True)
+    vault_id = fields.Many2one(related="entry_id.vault_id")
+    master_key = fields.Char(compute="_compute_master_key", store=False)
+
+    perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
+    allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
+    allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
+    allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
+
+    name = fields.Char(required=True)
+    iv = fields.Char()
+
+    @api.depends("entry_id.vault_id.master_key")
+    def _compute_master_key(self):
+        for rec in self:
+            rec.master_key = rec.vault_id.master_key
+
+    def log_change(self, action):
+        self.ensure_one()
+        self.entry_id.log_info(
+            f"{action} value {self.name} of {self.entry_id.complete_name} "
+            f"by {self.env.user.display_name}"
+        )
+
+    @api.model_create_single
+    def create(self, values):
+        res = super().create(values)
+        res.log_change("Created")
+        return res
+
+    def unlink(self):
+        for rec in self:
+            rec.log_change("Deleted")
+
+        return super().unlink()
+
+    def write(self, values):
+        for rec in self:
+            rec.log_change("Changed")
+
+        return super().write(values)
diff --git a/vault/models/res_users.py b/vault/models/res_users.py
new file mode 100644
index 0000000000..1c836c1914
--- /dev/null
+++ b/vault/models/res_users.py
@@ -0,0 +1,64 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from uuid import uuid4
+
+from odoo import api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class ResUsers(models.Model):
+    _inherit = "res.users"
+
+    active_key = fields.Many2one(
+        "res.users.key",
+        compute="_compute_active_key",
+        store=False,
+    )
+    keys = fields.One2many("res.users.key", "user_id", readonly=True)
+    vault_right_ids = fields.One2many("vault.right", "user_id", readonly=True)
+    inbox_enabled = fields.Boolean(default=True)
+    inbox_link = fields.Char(compute="_compute_inbox_link", readonly=True, store=False)
+    inbox_token = fields.Char(default=lambda self: uuid4(), readonly=True)
+
+    @api.depends("keys", "keys.current")
+    def _compute_active_key(self):
+        for rec in self:
+            keys = rec.keys.filtered("current")
+            rec.active_key = keys[0] if keys else None
+
+    @api.depends("inbox_token")
+    def _compute_inbox_link(self):
+        base_url = self.env["ir.config_parameter"].sudo().get_param("web.base.url")
+        for rec in self:
+            rec.inbox_link = f"{base_url}/vault/inbox/{rec.inbox_token}"
+
+    @api.model
+    def action_get_vault(self):
+        return self.sudo().env.ref("vault.action_res_users_keys").read()[0]
+
+    def action_new_share_token(self):
+        self.ensure_one()
+        self.inbox_token = uuid4()
+        return {"type": "ir.actions.act_window_close"}
+
+    @api.model
+    def find_user_of_inbox(self, token):
+        return self.search([("inbox_token", "=", token), ("inbox_enabled", "=", True)])
+
+    def get_vault_keys(self):
+        self.ensure_one()
+
+        if not self.active_key:
+            return {}
+
+        return {
+            "iterations": self.active_key.iterations,
+            "iv": self.active_key.iv,
+            "private": self.active_key.private,
+            "public": self.active_key.public,
+            "salt": self.active_key.salt,
+            "uuid": self.active_key.uuid,
+        }
diff --git a/vault/models/res_users_key.py b/vault/models/res_users_key.py
new file mode 100644
index 0000000000..4fdff0f795
--- /dev/null
+++ b/vault/models/res_users_key.py
@@ -0,0 +1,75 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+import re
+from hashlib import sha256
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+from odoo.exceptions import ValidationError
+
+_logger = logging.getLogger(__name__)
+
+
+class ResUsersKey(models.Model):
+    _name = "res.users.key"
+    _description = _("User data of a vault")
+    _rec_name = "fingerprint"
+    _order = "create_date DESC"
+
+    user_id = fields.Many2one("res.users", required=True)
+    uuid = fields.Char(default=lambda self: uuid4(), required=True, readonly=True)
+    current = fields.Boolean(default=True, readonly=True)
+    fingerprint = fields.Char(compute="_compute_fingerprint", store=True)
+    public = fields.Char(required=True, readonly=True)
+    salt = fields.Char(required=True, readonly=True)
+    iv = fields.Char(required=True, readonly=True)
+    iterations = fields.Integer(required=True, readonly=True)
+    # Encrypted with master password of user
+    private = fields.Char(required=True, readonly=True)
+
+    @api.depends("public")
+    def _compute_fingerprint(self):
+        for rec in self:
+            if rec.public:
+                hashed = sha256(rec.public.encode()).hexdigest()
+                rec.fingerprint = ":".join(re.findall(r".{2}", hashed))
+            else:
+                rec.fingerprint = False
+
+    def _prepare_values(self, iterations, iv, private, public, salt):
+        return {
+            "iterations": iterations,
+            "iv": iv,
+            "private": private,
+            "public": public,
+            "salt": salt,
+            "user_id": self.env.uid,
+            "current": True,
+        }
+
+    def store(self, iterations, iv, private, public, salt):
+        if not all(isinstance(x, str) and x for x in [public, private, iv, salt]):
+            raise ValidationError(_("Invalid parameter"))
+
+        if not isinstance(iterations, int) or iterations < 4000:
+            raise ValidationError(_("Invalid parameter"))
+
+        domain = [
+            ("user_id", "=", self.env.uid),
+            ("private", "=", private),
+        ]
+        if not self.search(domain):
+            # Disable all current keys
+            self.env.user.keys.write({"current": False})
+
+            rec = self.create(
+                self._prepare_values(iterations, iv, private, public, salt)
+            )
+            return rec.uuid
+        return False
+
+    def extract_public_key(self, user):
+        user = self.sudo().search([("user_id", "=", user), ("current", "=", True)])
+        return user.public or None
diff --git a/vault/models/vault.py b/vault/models/vault.py
new file mode 100644
index 0000000000..873d10fe42
--- /dev/null
+++ b/vault/models/vault.py
@@ -0,0 +1,158 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class Vault(models.Model):
+    _name = "vault"
+    _description = _("Vault")
+    _inherit = ["vault.abstract"]
+    _order = "name"
+
+    user_id = fields.Many2one(
+        "res.users",
+        "Owner",
+        readonly=True,
+        default=lambda self: self.env.user,
+        required=True,
+    )
+    right_ids = fields.One2many(
+        "vault.right",
+        "vault_id",
+        "Rights",
+        default=lambda self: self._get_default_rights(),
+    )
+    entry_ids = fields.One2many("vault.entry", "vault_id", "Entries")
+    field_ids = fields.One2many("vault.field", "vault_id", "Fields")
+    file_ids = fields.One2many("vault.file", "vault_id", "Files")
+    log_ids = fields.One2many("vault.log", "vault_id", "Log", readonly=True)
+
+    # Access control
+    perm_user = fields.Many2one("res.users", compute="_compute_access", store=False)
+    allowed_read = fields.Boolean(compute="_compute_access", store=False)
+    allowed_share = fields.Boolean(compute="_compute_access", store=False)
+    allowed_write = fields.Boolean(compute="_compute_access", store=False)
+    allowed_delete = fields.Boolean(compute="_compute_access", store=False)
+
+    master_key = fields.Char(
+        compute="_compute_master_key",
+        inverse="_inverse_master_key",
+        store=False,
+    )
+
+    uuid = fields.Char(default=lambda self: uuid4(), required=True, readonly=True)
+    name = fields.Char(required=True)
+    note = fields.Text()
+
+    _sql_constraints = [
+        ("uuid_uniq", "UNIQUE(uuid)", _("The UUID must be unique.")),
+    ]
+
+    @api.depends("right_ids.user_id")
+    def _compute_access(self):
+        user = self.env.user
+        for rec in self.sudo():
+            rec.perm_user = user.id
+
+            if user == rec.user_id:
+                rec.write(
+                    {
+                        "allowed_share": True,
+                        "allowed_write": True,
+                        "allowed_delete": True,
+                        "allowed_read": True,
+                    }
+                )
+                continue
+
+            rights = rec.right_ids
+            rec.allowed_read = user in rights.mapped("user_id")
+            rec.allowed_share = user in rights.filtered("perm_share").mapped("user_id")
+            rec.allowed_write = user in rights.filtered("perm_write").mapped("user_id")
+            rec.allowed_delete = user in rights.filtered("perm_delete").mapped(
+                "user_id"
+            )
+
+    @api.depends("right_ids.key")
+    def _compute_master_key(self):
+        domain = [("user_id", "=", self.env.uid)]
+        for rec in self:
+            rights = rec.right_ids.filtered_domain(domain)
+            rec.master_key = rights[0].key if rights else False
+
+    def _inverse_master_key(self):
+        domain = [("user_id", "=", self.env.uid)]
+        for rec in self:
+            rights = rec.right_ids.filtered_domain(domain)
+            if rights and not rights.key:
+                rights.key = rec.master_key
+
+    def _get_default_rights(self):
+        return [
+            (
+                0,
+                0,
+                {
+                    "user_id": self.env.uid,
+                    "perm_write": True,
+                    "perm_delete": True,
+                    "perm_share": True,
+                },
+            )
+        ]
+
+    def _log_entry(self, msg, state):
+        self.ensure_one()
+        return (
+            self.env["vault.log"]
+            .sudo()
+            .create(
+                {
+                    "vault_id": self.id,
+                    "user_id": self.env.uid,
+                    "message": msg,
+                    "state": state,
+                }
+            )
+        )
+
+    def share_public_keys(self):
+        self.ensure_one()
+        result = []
+        for right in self.right_ids:
+            result.append({"user": right.user_id.id, "public": right.public_key})
+        return result
+
+    def action_open_import_wizard(self):
+        self.ensure_one()
+        wizard = self.env.ref("vault.view_vault_import_wizard")
+        return {
+            "name": _("Import from file"),
+            "type": "ir.actions.act_window",
+            "view_mode": "form",
+            "res_model": "vault.import.wizard",
+            "views": [(wizard.id, "form")],
+            "view_id": wizard.id,
+            "target": "new",
+            "context": {"default_vault_id": self.id},
+        }
+
+    def action_open_export_wizard(self):
+        self.ensure_one()
+        wizard = self.env.ref("vault.view_vault_export_wizard")
+        return {
+            "name": _("Export to file"),
+            "type": "ir.actions.act_window",
+            "view_mode": "form",
+            "res_model": "vault.export.wizard",
+            "views": [(wizard.id, "form")],
+            "view_id": wizard.id,
+            "target": "new",
+            "context": {"default_vault_id": self.id},
+        }
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
new file mode 100644
index 0000000000..1e829fe6e4
--- /dev/null
+++ b/vault/models/vault_entry.py
@@ -0,0 +1,132 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from datetime import datetime
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultEntry(models.Model):
+    _name = "vault.entry"
+    _description = _("Entry inside a vault")
+    _inherit = ["vault.abstract"]
+    _order = "complete_name"
+    _rec_name = "complete_name"
+
+    parent_id = fields.Many2one("vault.entry", "Parent", ondelete="cascade")
+    child_ids = fields.One2many("vault.entry", "parent_id", "Child")
+
+    vault_id = fields.Many2one("vault", "Vault", ondelete="cascade", required=True)
+    user_id = fields.Many2one(related="vault_id.user_id")
+    field_ids = fields.One2many("vault.field", "entry_id", "Fields")
+    file_ids = fields.One2many("vault.file", "entry_id", "Files")
+    log_ids = fields.One2many("vault.log", "entry_id", "Log", readonly=True)
+
+    perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
+    allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
+    allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
+    allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
+
+    complete_name = fields.Char(
+        compute="_compute_complete_name",
+        store=True,
+        readonly=True,
+    )
+    uuid = fields.Char(default=lambda self: uuid4(), required=True)
+    name = fields.Char(required=True)
+    url = fields.Char()
+    note = fields.Text()
+    tags = fields.Many2many("vault.tag")
+    expire_date = fields.Datetime("Expires on", default=False)
+    expired = fields.Boolean(compute="_compute_expired", store=False)
+
+    _sql_constraints = [
+        ("vault_uuid_uniq", "UNIQUE(vault_id, uuid)", _("The UUID must be unique.")),
+    ]
+
+    @api.depends("name", "parent_id.complete_name")
+    def _compute_complete_name(self):
+        for rec in self:
+            if rec.parent_id:
+                rec.complete_name = f"{rec.parent_id.complete_name} / {rec.name}"
+            else:
+                rec.complete_name = rec.name
+
+    @api.depends("expire_date")
+    def _compute_expired(self):
+        now = datetime.now()
+        for rec in self:
+            rec.expired = rec.expire_date and now > rec.expire_date
+
+    def log_change(self, action):
+        self.ensure_one()
+        self.log_info(
+            f"{action} entry {self.complete_name} by {self.env.user.display_name}"
+        )
+
+    @api.model_create_single
+    def create(self, values):
+        res = super().create(values)
+        res.log_change("Created")
+        return res
+
+    def unlink(self):
+        for rec in self:
+            rec.log_change("Deleted")
+
+        return super().unlink()
+
+    def _log_entry(self, msg, state):
+        self.ensure_one()
+        return (
+            self.env["vault.log"]
+            .sudo()
+            .create(
+                {
+                    "vault_id": self.vault_id.id,
+                    "entry_id": self.id,
+                    "user_id": self.env.uid,
+                    "message": msg,
+                    "state": state,
+                }
+            )
+        )
+
+    def action_open_import_wizard(self):
+        self.ensure_one()
+        wizard = self.env.ref("vault.view_vault_import_wizard")
+        return {
+            "name": _("Import from file"),
+            "type": "ir.actions.act_window",
+            "view_mode": "form",
+            "res_model": "vault.import.wizard",
+            "views": [(wizard.id, "form")],
+            "view_id": wizard.id,
+            "target": "new",
+            "context": {
+                "default_vault_id": self.vault_id.id,
+                "default_parent_id": self.id,
+            },
+        }
+
+    def action_open_export_wizard(self):
+        self.ensure_one()
+        wizard = self.env.ref("vault.view_vault_export_wizard")
+        return {
+            "name": _("Export to file"),
+            "type": "ir.actions.act_window",
+            "view_mode": "form",
+            "res_model": "vault.export.wizard",
+            "views": [(wizard.id, "form")],
+            "view_id": wizard.id,
+            "target": "new",
+            "context": {
+                "default_vault_id": self.vault_id.id,
+                "default_entry_id": self.id,
+            },
+        }
diff --git a/vault/models/vault_field.py b/vault/models/vault_field.py
new file mode 100644
index 0000000000..26490b26e0
--- /dev/null
+++ b/vault/models/vault_field.py
@@ -0,0 +1,17 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultField(models.Model):
+    _name = "vault.field"
+    _description = _("Field of a vault")
+    _order = "name"
+    _inherit = ["vault.abstract.field", "vault.abstract"]
+
+    value = fields.Char(required=True)
diff --git a/vault/models/vault_file.py b/vault/models/vault_file.py
new file mode 100644
index 0000000000..6c07e9deef
--- /dev/null
+++ b/vault/models/vault_file.py
@@ -0,0 +1,17 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultFile(models.Model):
+    _name = "vault.file"
+    _description = _("File of a vault")
+    _order = "name"
+    _inherit = ["vault.abstract.field", "vault.abstract"]
+
+    value = fields.Binary(attachment=False)
diff --git a/vault/models/vault_inbox.py b/vault/models/vault_inbox.py
new file mode 100644
index 0000000000..c2471bfeb4
--- /dev/null
+++ b/vault/models/vault_inbox.py
@@ -0,0 +1,92 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from datetime import datetime, timedelta
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultInbox(models.Model):
+    _name = "vault.inbox"
+    _description = _("Vault share incoming secrets")
+
+    token = fields.Char(default=lambda self: uuid4(), readonly=True)
+    inbox_link = fields.Char(
+        compute="_compute_inbox_link",
+        readonly=True,
+        help="Using this link you can write to the current inbox. If you want people "
+        "to create new inboxes you should give them your inbox link from your key "
+        "management.",
+    )
+    user_id = fields.Many2one("res.users", "Vault", required=True)
+    name = fields.Char(required=True)
+    secret = fields.Char(readonly=True)
+    filename = fields.Char()
+    secret_file = fields.Binary(attachment=False, readonly=True)
+    key = fields.Char(required=True)
+    iv = fields.Char(required=True)
+    accesses = fields.Integer(
+        "Access counter",
+        default=1,
+        help="If this is 0 the inbox will be read-only for the owner.",
+    )
+    expiration = fields.Datetime(
+        default=lambda self: datetime.now() + timedelta(days=7),
+        help="If expired the inbox will be read-only for the owner.",
+    )
+
+    _sql_constraints = [
+        (
+            "value_check",
+            "CHECK(secret IS NOT NULL OR secret_file IS NOT NULL)",
+            _("No value found"),
+        ),
+    ]
+
+    @api.depends("token")
+    def _compute_inbox_link(self):
+        base_url = self.env["ir.config_parameter"].sudo().get_param("web.base.url")
+        for rec in self:
+            rec.inbox_link = f"{base_url}/vault/inbox/{rec.token}"
+
+    def read(self, *args, **kwargs):
+        # Always load the binary instead of the size
+        return super(VaultInbox, self.with_context(bin_size=False)).read(
+            *args, **kwargs
+        )
+
+    @api.model
+    def find_inbox(self, token):
+        return self.search([("token", "=", token)])
+
+    def store_in_inbox(self, name, secret, secret_file, iv, key, user, filename):
+        if len(self) == 0:
+            return self.create(
+                {
+                    "name": name,
+                    "accesses": 0,
+                    "iv": iv,
+                    "key": key,
+                    "secret": secret or None,
+                    "secret_file": secret_file or None,
+                    "filename": filename,
+                    "user_id": user.id,
+                }
+            )
+
+        if self.accesses > 0 and datetime.now() < self.expiration:
+            self.write(
+                {
+                    "accesses": self.accesses - 1,
+                    "iv": iv,
+                    "key": key,
+                    "secret": secret or None,
+                    "secret_file": secret_file or None,
+                    "filename": filename,
+                }
+            )
+            return self
diff --git a/vault/models/vault_log.py b/vault/models/vault_log.py
new file mode 100644
index 0000000000..9189dd122d
--- /dev/null
+++ b/vault/models/vault_log.py
@@ -0,0 +1,46 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultLog(models.Model):
+    _name = "vault.log"
+    _description = _("Log entry of a vault")
+    _order = "create_date DESC"
+    _rec_name = "message"
+
+    vault_id = fields.Many2one(
+        "vault",
+        "Vault",
+        ondelete="cascade",
+        required=True,
+        readonly=True,
+    )
+    entry_id = fields.Many2one(
+        "vault.entry",
+        "Entry",
+        ondelete="cascade",
+        readonly=True,
+    )
+    user_id = fields.Many2one("res.users", "User", required=True, readonly=True)
+    state = fields.Selection(lambda self: self._get_log_state(), readonly=True)
+    message = fields.Char(readonly=True, required=True)
+
+    def _get_log_state(self):
+        return [
+            ("info", _("Information")),
+            ("warn", _("Warning")),
+            ("error", _("Error")),
+        ]
+
+    @api.model
+    def create(self, values):
+        res = super().create(values)
+        if not self.env.context.get("skip_log", False):
+            _logger.info("Vault log: %s", res.message)
+        return res
diff --git a/vault/models/vault_right.py b/vault/models/vault_right.py
new file mode 100644
index 0000000000..a4aa6caca2
--- /dev/null
+++ b/vault/models/vault_right.py
@@ -0,0 +1,100 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import _, api, fields, models
+
+
+class VaultRight(models.Model):
+    _name = "vault.right"
+    _description = _("Vault rights")
+    _inherit = ["vault.abstract"]
+    _order = "user_id"
+
+    vault_id = fields.Many2one(
+        "vault",
+        "Vault",
+        readonly=True,
+        required=True,
+        ondelete="cascade",
+    )
+    master_key = fields.Char(related="vault_id.master_key", readonly=True, store=False)
+    user_id = fields.Many2one(
+        "res.users", "User", domain=[("keys", "!=", False)], required=True
+    )
+    public_key = fields.Char(compute="_compute_public_key", readonly=True, store=False)
+    perm_write = fields.Boolean(
+        "Write",
+        default=lambda self: self._get_is_owner(),
+        help="Allow to write to the vault",
+    )
+    perm_share = fields.Boolean(
+        "Share",
+        default=lambda self: self._get_is_owner(),
+        help="Allow to share a vault with new users",
+    )
+    perm_delete = fields.Boolean(
+        "Delete",
+        default=lambda self: self._get_is_owner(),
+        help="Allow to delete a vault",
+    )
+
+    perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
+    allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
+    allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
+    allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
+
+    # Encrypted with the public key of the user
+    key = fields.Char()
+
+    _sql_constraints = (
+        ("user_uniq", "UNIQUE(user_id, vault_id)", "The user must be unique"),
+    )
+
+    def _get_is_owner(self):
+        return self.env.user == self.vault_id.user_id
+
+    @api.depends("user_id")
+    def _compute_public_key(self):
+        for rec in self:
+            rec.public_key = rec.user_id.active_key.public
+
+    def log_access(self):
+        self.ensure_one()
+        rights = ", ".join(
+            sorted(
+                ["read"]
+                + [
+                    right
+                    for right in ["write", "share", "delete"]
+                    if getattr(self, f"perm_{right}", False)
+                ]
+            )
+        )
+
+        self.vault_id.log_info(
+            f"Grant access to user {self.user_id.display_name}: {rights}"
+        )
+
+    @api.model
+    def create(self, values):
+        res = super().create(values)
+        if not res.allowed_share and not res.env.su:
+            self.raise_access_error()
+
+        res.log_access()
+        return res
+
+    def write(self, values):
+        res = super().write(values)
+        if any(x in values for x in ["perm_write", "perm_delete", "perm_share"]):
+            for rec in self:
+                rec.log_access()
+
+        return res
+
+    def unlink(self):
+        for rec in self:
+            rec.vault_id.log_info(f"Removed user {self.user_id.display_name}")
+
+        return super().unlink()
diff --git a/vault/models/vault_tag.py b/vault/models/vault_tag.py
new file mode 100644
index 0000000000..12aa3e6cb2
--- /dev/null
+++ b/vault/models/vault_tag.py
@@ -0,0 +1,16 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import _, fields, models
+
+
+class VaultTag(models.Model):
+    _name = "vault.tag"
+    _description = _("Vault tag")
+    _order = "name"
+
+    name = fields.Char(required=True)
+
+    _sql_constraints = [
+        ("name_uniq", "unique(name)", "The tag must be unique!"),
+    ]
diff --git a/vault/readme/CONTRIBUTORS.rst b/vault/readme/CONTRIBUTORS.rst
new file mode 100644
index 0000000000..e202826121
--- /dev/null
+++ b/vault/readme/CONTRIBUTORS.rst
@@ -0,0 +1 @@
+* Florian Kantelberg <florian.kantelberg@initos.com>
diff --git a/vault/readme/DESCRIPTION.rst b/vault/readme/DESCRIPTION.rst
new file mode 100644
index 0000000000..ffccef96fe
--- /dev/null
+++ b/vault/readme/DESCRIPTION.rst
@@ -0,0 +1,3 @@
+This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.
+
+The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
diff --git a/vault/readme/ROADMAP.rst b/vault/readme/ROADMAP.rst
new file mode 100644
index 0000000000..bf394cbda4
--- /dev/null
+++ b/vault/readme/ROADMAP.rst
@@ -0,0 +1,8 @@
+* Field and file history for restoration
+
+* Import improvement
+
+ * Support challenge-response/FIDO2
+ * Support for argon2 and kdbx v4
+
+* Properly handle missing Crypto API because no https
diff --git a/vault/security/ir.model.access.csv b/vault/security/ir.model.access.csv
new file mode 100644
index 0000000000..3d7db5d0b2
--- /dev/null
+++ b/vault/security/ir.model.access.csv
@@ -0,0 +1,15 @@
+id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
+access_vault,access_vault,model_vault,base.group_user,1,1,1,1
+access_vault_entry,access_vault_entry,model_vault_entry,base.group_user,1,1,1,1
+access_vault_export_wizard,access_vault_export_wizard,model_vault_export_wizard,base.group_user,1,1,1,1
+access_vault_field,access_vault_field,model_vault_field,base.group_user,1,1,1,1
+access_vault_file,access_vault_file,model_vault_file,base.group_user,1,1,1,1
+access_vault_import_wizard,access_vault_import_wizard,model_vault_import_wizard,base.group_user,1,1,1,1
+access_vault_import_wizard_path,access_vault_import_wizard_path,model_vault_import_wizard_path,base.group_user,1,1,1,1
+access_vault_inbox,access_vault_inbox,model_vault_inbox,base.group_user,1,1,1,1
+access_vault_log,access_vault_log,model_vault_log,base.group_user,1,0,0,0
+access_vault_right,access_vault_right,model_vault_right,base.group_user,1,1,1,1
+access_vault_send_wizard,access_vault_send_wizard,model_vault_send_wizard,base.group_user,1,1,1,1
+access_vault_store_wizard,access_vault_store_wizard,model_vault_store_wizard,base.group_user,1,1,1,1
+access_vault_tag,access_vault_tag,model_vault_tag,base.group_user,1,1,1,1
+access_vault_users_key,access_res_users_key,model_res_users_key,base.group_user,1,1,1,1
diff --git a/vault/security/ir_rule.xml b/vault/security/ir_rule.xml
new file mode 100644
index 0000000000..25707ba7b9
--- /dev/null
+++ b/vault/security/ir_rule.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="vault_access_default" model="ir.rule">
+        <field name="name">vault.access.default</field>
+        <field name="model_id" ref="vault.model_vault" />
+        <field
+            name="domain_force"
+        >['|', ('user_id', '=', user.id), ('right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="vault_log_access_default" model="ir.rule">
+        <field name="name">vault.log.access.read</field>
+        <field name="model_id" ref="vault.model_vault_log" />
+        <field
+            name="domain_force"
+        >['|', ('vault_id.user_id', '=', user.id), ('vault_id.right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="vault_entry_access_default" model="ir.rule">
+        <field name="name">vault.entry.access.default</field>
+        <field name="model_id" ref="vault.model_vault_entry" />
+        <field
+            name="domain_force"
+        >['|', ('vault_id.user_id', '=', user.id), ('vault_id.right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+     <record id="vault_field_access_default" model="ir.rule">
+        <field name="name">vault.field.access.default</field>
+        <field name="model_id" ref="vault.model_vault_field" />
+        <field
+            name="domain_force"
+        >['|', ('vault_id.user_id', '=', user.id), ('vault_id.right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="vault_file_access_default" model="ir.rule">
+        <field name="name">vault.file.access.default</field>
+        <field name="model_id" ref="vault.model_vault_file" />
+        <field
+            name="domain_force"
+        >['|', ('vault_id.user_id', '=', user.id), ('vault_id.right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="res_users_key_access_default" model="ir.rule">
+        <field name="name">res.users.key.access.default</field>
+        <field name="model_id" ref="vault.model_res_users_key" />
+        <field name="domain_force">[('user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="vault_inbox_owner" model="ir.rule">
+        <field name="name">vault.inbox.access.owner</field>
+        <field name="model_id" ref="vault.model_vault_inbox" />
+        <field name="domain_force">[('user_id', '=', user.id)]</field>
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+</odoo>
diff --git a/vault/static/description/icon.png b/vault/static/description/icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..a0c9035d9b2247bbe8008a1601aafb0524a2c13d
GIT binary patch
literal 2287
zcmV<L2oU#)P)<h;3K|Lk000e1NJLTq002e+002e^1^@s6aW3M700004b3#c}2nYxW
zd<bNS000Q4Nkl<Zc%1E<U2Ggz6~})wyZ*{zJ8_7e=EENfF^Sr`F0E6<M};Z`qJ;-O
z6iU(}QBXsicV2k|#1jvoiU&|Zsz69kRSho)s7MtsZAgT0qR=L!NgVR!HU3<$cW3tU
zFn8wOJ2PwV?Cv;-?7WP}bI!Tv{O|vsbLL*#LS8?5{bwTA+f7?XI{=pdLjGh~Amm;B
zUMNY+d$zEYoc3B%l#k(OUtB7N-s^h0AHjI0yAcNrzYK%ktz0g%GQY&vpZt;){Q8G~
zctzZtze}N9#I3m6;Nf6Rrwu1X)M;JLaMH36hya{GkFXxvxKd6iy<jqoXKl(9dYT`;
zVPV9Xu`RmVIvL1q=Y{dlS=RS|^^&+=%14~l2dUTDKu$#UBF++{7n%f<pdsc2;Ku0b
z&tc|harr;&bh@$UMFA|l;E;oZhp0qeEfWwz4laZgQ^EKG7M7F?6wF|ezT$!E|H5F7
zkUt6EtS~{5{`mt3&jtumPm9Z&d<_(#;*vnH+*ZOaxFx8lAgkWR`tL13Y-Fdhv7HUy
z*D_8OJA~g?v9n4E+i@K|leL&5z^w>u1JM?9g1fDd5-sLv%rO|#VvfNWiDip926JK=
z(_)Um4v=awN51v&u-B{S_cL>B2{A3^n9NZ*ro|kCIkrNO7IOk{;;K@MIWos+2)CG{
zn3D|<)Am(_27=meiONxl(UW&{JLqy@yB4CN>1A>}uwyU7TX(UmyOXX=7Th9BYjfPV
zd!2Xkvn*AFniO9TwVxF0ha4xY7x72h$qLkr>p~`Tf~oUnHnKUT>G@NqF~Zmh6!JOb
zbY{z54juR?Pwp9Hpq=<@6e#DpJad-cT|CdfN)^qI80J{<aT)&0xO6*M7S{2fd|UX!
z2A%Xl^k=PY4)jD=FTA6t>?k?kr%s0Uf10m6e2{@m6+q&y@*L;RpXAq9?@|o>_eW}c
zC(u?-M%QNQImh14#1miR#CSqb0NVO^bo>a%$M(^eLe8;4)Rx_wUafi=KXjNQgT1sR
z#6(?Lc8`3PZ;TDmU3HxLs+Ib>W^<X-Kl(I>2YVBM;7~5Du<Ay^=^uH9FAw!JwOR#L
z$xjvG?4C-s+A_}J2Z!jY5t7yX8Gdo*6w}KNRwl>b&{I4+rZ2xv4m|it9=rJ)&Xk%{
zt?V#T9)f8y$7cV*5A%U)l_z|y{DYsL{v*>%j>ibMz_lwUd3pNZly$kb5uO@-fNYcc
zoS6NXlyi=~kB<y)tq~QNyEV<FwWystGt*oR$@cFaW1qcIZmTWl1UY82n3L@vt(`5N
zoADj83xxAc=UyJ_wSBdQm}3(NZ4Pt#wr!^;0W5tx4>D*)zpb|IIlxe)#OLVm$<|mE
z*Jq9`0>~hJ=49y3<r2UG<R0a#AAf=mcG+^qJJ>b+8D4y3Fs96Bd0(!lDc@FEA0gGj
z##J2&S`(^Oo1IMt4A9g6364GUF&0-=aN2V8wXb8t&dPWQ`J1d-d0*FZ#?xm`g+jTQ
z7#Q!$(v$059~8hT7Jc^`Vvejz6;HI{8%Zzc+*w#L%WP9Ghq=OnS!HVRH|F=Yfz&22
zr!YIi?bLv|!{xlI7|;N7LVZly%(2-$uqRPfN^+I+?{cvaUuBXq#}3MO>deWo`@m5q
zA0J8ym?D?2OmoNYbM(0CU`~~j$YwLgX87O{CMVJY1<Luq^7@tK>VEj~)W{rLVo7?;
z$uRuzQI1axrv?h8Yn=Ss+uV%nkn3cQy*`4CGRJ24p`%QGXqYXjAOg5~PEWnYsRdW{
zQ%yL1$a)BZ!5oRW+B1#r{RT~&GN76&ED#-xj6KWbV=02NdX3-z<u!ggTR=Lhnl)4$
zUh`(gWim&LQ_5$(8JBd5=>)xd#WPlOhnzMj4!39C<kfRiTr6ml682j^eTa)|oenvx
z7||@|bTTsb948*%({xY@%eT3D=K^oNbB?p~Yr%}KcluB-bF_0Mn!ub6MkbDOVyrPx
z%6Cum(y6zZYs=By)d}tz%S(CkWe4ME$ImIoGHMQUvigiS#+(jDC!XWj*xtrKS@=6I
z|LG0hErL~CVQz__DmHR%m6SQz@K<qt%;{kNq31dFNFAW8zQ-FEF0*JkluHX-dhegy
zC}RYb%8BO&%<-xcniF*}XUo3N^UZod0Vv&K>inO%5n>=ArvYQxrp=t7j|sL0f_p8U
zt=H!a?0A1e%cqvFa$r;c%EFedA3AfqxBha9VUA}7Pcf^$jq15d%LF?#LGF^nRow~n
zgOrX-f0UZf9F-Q(!Lc^(kc}NY->GCdNBLIERW8huF9EKDQ<`P!>>2X9J&4*5Er-p>
zIoV(>`bMZD=Onmpo&P1@o1P8E@h8~KCDE$4**Pb=gI8D1NdnEiIxA0>b8KUc1<Xm3
zbDTPIjQMR9bex*AzQDc8In{UY5-{i5r3+kNs{xO-D@@JICa8M%jycu~KlqkVOFPs7
z$`^X#HRb$>Eok4$&Yn*1tS3%SI4myaS#-@@;@=`UC-4I`<9f~^oJ%k}WdAuPu3G-b
zQ~PTNJv&#-tX)gBD$R3iHk$bKX3%#wT6Me^ssEKlf@)<4$Qx_3k(?9mb5w_{Eqawp
zg2ny6m2<otQ+16tTCHO21fbPpXY+E7txa)@IT~}!s?=gmaJLPlTFeQU6MwGMVvc`y
z9a>{8=B)oek@qumY=6dE%rTj>!Aa!(%N)DnI_9@Zi#b#r7uzkCYnuseM*rWL<181k
zt!2lDs>K{>$NA5yXX8^Zeo^%8+Ch6)2X-c_4eAFQdJdusZz1U0gE4w4CJiJ_4;@?u
zlA#y3<q_7?<*1^k$sq);>ryJLk-vVMSHJsHW&R73&x`q`c}k@c7=tSF`bk~PYt5OE
zlMow>8YlE<1Se-QPB3i0id|z8<J`9_+S}XN*3-)?-}$ix@LygOcaE+cnFRm<002ov
JPDHLkV1n|ya*F@}

literal 0
HcmV?d00001

diff --git a/vault/static/lib/kdbxweb/kdbxweb.min.js b/vault/static/lib/kdbxweb/kdbxweb.min.js
new file mode 100644
index 0000000000..eee616aa20
--- /dev/null
+++ b/vault/static/lib/kdbxweb/kdbxweb.min.js
@@ -0,0 +1,2 @@
+/*! kdbxweb v1.10.0, (c) 2020 Antelle, opensource.org/licenses/MIT */
+!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("crypto"),require("xmldom")):"function"==typeof define&&define.amd?define(["crypto","xmldom"],t):"object"==typeof exports?exports.kdbxweb=t(require("crypto"),require("xmldom")):e.kdbxweb=t(e.crypto,e.xmldom)}(this,(function(e,t){return function(e){var t={};function r(i){if(t[i])return t[i].exports;var n=t[i]={i:i,l:!1,exports:{}};return e[i].call(n.exports,n,n.exports,r),n.l=!0,n.exports}return r.m=e,r.c=t,r.d=function(e,t,i){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:i})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var i=Object.create(null);if(r.r(i),Object.defineProperty(i,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var n in e)r.d(i,n,function(t){return e[t]}.bind(null,n));return i},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"a",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="",r(r.s=29)}([function(e,t,r){"use strict";(function(t){var i=t.TextEncoder,n=t.TextDecoder;if(!i||!n){var o=r(40);i=o.TextEncoder,n=o.TextDecoder}var a=new i,s=new n;e.exports.arrayBufferEquals=function(e,t){if(e.byteLength!==t.byteLength)return!1;for(var r=new Uint8Array(e),i=new Uint8Array(t),n=0,o=r.length;n<o;n++)if(r[n]!==i[n])return!1;return!0},e.exports.bytesToString=function(e){return e instanceof ArrayBuffer&&(e=new Uint8Array(e)),s.decode(e)},e.exports.stringToBytes=function(e){return a.encode(e)},e.exports.base64ToBytes=function(e){if("undefined"==typeof atob&&"function"==typeof Buffer){var t=Buffer.from(e,"base64");return new Uint8Array(t)}for(var r=atob(e),i=new Uint8Array(r.length),n=0;n<r.length;n++)i[n]=r.charCodeAt(n);return i},e.exports.bytesToBase64=function(e){if(e instanceof ArrayBuffer&&(e=new Uint8Array(e)),"undefined"==typeof btoa&&"function"==typeof Buffer)return Buffer.from(e).toString("base64");for(var t="",r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return btoa(t)},e.exports.hexToBytes=function(e){for(var t=new Uint8Array(Math.ceil(e.length/2)),r=0;r<t.length;r++)t[r]=parseInt(e.substr(2*r,2),16);return t},e.exports.bytesToHex=function(e){e instanceof ArrayBuffer&&(e=new Uint8Array(e));for(var t="",r=0;r<e.length;r++){var i=e[r].toString(16);1===i.length&&(t+="0"),t+=i}return t},e.exports.arrayToBuffer=function(e){if(e instanceof ArrayBuffer)return e;var t=e.buffer;return 0===e.byteOffset&&e.byteLength===t.byteLength?t:e.buffer.slice(e.byteOffset,e.byteOffset+e.byteLength)},e.exports.zeroBuffer=function(e){e instanceof ArrayBuffer&&(e=new Uint8Array(e)),e.fill(0)}}).call(this,r(13))},function(e,t,r){"use strict";e.exports.Signatures={FileMagic:2594363651,Sig2Kdbx:3041655655,Sig2Kdb:3041655653},e.exports.ErrorCodes={NotImplemented:"NotImplemented",InvalidArg:"InvalidArg",BadSignature:"BadSignature",InvalidVersion:"InvalidVersion",Unsupported:"Unsupported",FileCorrupt:"FileCorrupt",InvalidKey:"InvalidKey",MergeError:"MergeError"},e.exports.CompressionAlgorithm={None:0,GZip:1},e.exports.CrsAlgorithm={Null:0,ArcFourVariant:1,Salsa20:2,ChaCha20:3},e.exports.KdfId={Argon2:"72Nt34wpREuR96mkA+MKDA==",Aes:"ydnzmmKKRGC/dA0IwYpP6g=="},e.exports.CipherId={Aes:"McHy5r9xQ1C+WAUhavxa/w==",ChaCha20:"1gOKK4tvTLWlJDOaMdu1mg=="},e.exports.AutoTypeObfuscationOptions={None:0,UseClipboard:1},e.exports.Defaults={KeyEncryptionRounds:3e5,MntncHistoryDays:365,HistoryMaxItems:10,HistoryMaxSize:6291456,RecycleBinName:"Recycle Bin"},e.exports.Icons={Key:0,World:1,Warning:2,NetworkServer:3,MarkedDirectory:4,UserCommunication:5,Parts:6,Notepad:7,WorldSocket:8,Identity:9,PaperReady:10,Digicam:11,IRCommunication:12,MultiKeys:13,Energy:14,Scanner:15,WorldStar:16,CDRom:17,Monitor:18,EMail:19,Configuration:20,ClipboardReady:21,PaperNew:22,Screen:23,EnergyCareful:24,EMailBox:25,Disk:26,Drive:27,PaperQ:28,TerminalEncrypted:29,Console:30,Printer:31,ProgramIcons:32,Run:33,Settings:34,WorldComputer:35,Archive:36,Homebanking:37,DriveWindows:39,Clock:39,EMailSearch:40,PaperFlag:41,Memory:42,TrashBin:43,Note:44,Expired:45,Info:46,Package:47,Folder:48,FolderOpen:49,FolderPackage:50,LockOpen:51,PaperLocked:52,Checked:53,Pen:54,Thumbnail:55,Book:56,List:57,UserKey:58,Tool:59,Home:60,Star:61,Tux:62,Feather:63,Apple:64,Wiki:65,Money:66,Certificate:67,BlackBerry:68}},function(e,t,r){"use strict";function i(e,t){this.name="KdbxError",this.code=e,this.message="Error "+e+(t?": "+t:"")}i.prototype=Error.prototype,e.exports=i},function(e,t,r){"use strict";(function(t){var i=r(0),n=r(2),o=r(1),a=r(24),s=t.crypto,d=s?s.subtle||s.webkitSubtle:null,h=t.process&&t.process.versions&&t.process.versions.node?r(42):null;function u(){}function l(){}u.prototype.importKey=function(e){var t=this;return d.importKey("raw",e,{name:"AES-CBC"},!1,["encrypt","decrypt"]).then((function(e){t.key=e}))},u.prototype.encrypt=function(e,t){return d.encrypt({name:"AES-CBC",iv:t},this.key,e)},u.prototype.decrypt=function(e,t){return d.decrypt({name:"AES-CBC",iv:t},this.key,e).catch((function(){throw new n(o.ErrorCodes.InvalidKey,"invalid key")}))},l.prototype.importKey=function(e){return this.key=e,Promise.resolve()},l.prototype.encrypt=function(e,t){var r=this;return Promise.resolve().then((function(){var n=h.createCipheriv("aes-256-cbc",Buffer.from(r.key),Buffer.from(t)),o=n.update(Buffer.from(e));return i.arrayToBuffer(Buffer.concat([o,n.final()]))}))},l.prototype.decrypt=function(e,t){var r=this;return Promise.resolve().then((function(){var n=h.createDecipheriv("aes-256-cbc",Buffer.from(r.key),Buffer.from(t)),o=n.update(Buffer.from(e));return i.arrayToBuffer(Buffer.concat([o,n.final()]))})).catch((function(){throw new n(o.ErrorCodes.InvalidKey,"invalid key")}))},e.exports.subtle=d,e.exports.webCrypto=s,e.exports.nodeCrypto=h,e.exports.sha256=function(e){return e.byteLength?d?d.digest({name:"SHA-256"},e):h?new Promise((function(t){t(h.createHash("sha256").update(Buffer.from(e)).digest().buffer)})):Promise.reject(new n(o.ErrorCodes.NotImplemented,"SHA256 not implemented")):Promise.resolve(i.arrayToBuffer(i.hexToBytes("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")))},e.exports.sha512=function(e){return e.byteLength?d?d.digest({name:"SHA-512"},e):h?new Promise((function(t){t(h.createHash("sha512").update(Buffer.from(e)).digest().buffer)})):Promise.reject(new n(o.ErrorCodes.NotImplemented,"SHA512 not implemented")):Promise.resolve(i.arrayToBuffer(i.hexToBytes("cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e")))},e.exports.hmacSha256=function(e,t){if(d){var r={name:"HMAC",hash:{name:"SHA-256"}};return d.importKey("raw",e,r,!1,["sign"]).then((function(e){return d.sign(r,e,t)}))}return h?new Promise((function(r){r(h.createHmac("sha256",Buffer.from(e)).update(Buffer.from(t)).digest().buffer)})):Promise.reject(new n(o.ErrorCodes.NotImplemented,"HMAC-SHA256 not implemented"))},e.exports.random=function(e){if(d)return function(e){for(var t=new Uint8Array(e);e>0;){var r=e%65536;r=r>0?r:65536;var i=new Uint8Array(r);s.getRandomValues(i),e-=r,t.set(i,e)}return t}(e);if(h)return new Uint8Array(h.randomBytes(e));throw new n(o.ErrorCodes.NotImplemented,"Random not implemented")},e.exports.createAesCbc=function(){if(d)return new u;if(h)return new l;throw new n(o.ErrorCodes.NotImplemented,"AES-CBC not implemented")},e.exports.chacha20=function(e,t,r){return Promise.resolve().then((function(){var n=new a(new Uint8Array(t),new Uint8Array(r));return i.arrayToBuffer(n.encrypt(new Uint8Array(e)))}))},e.exports.argon2=function(e,t,r,i,a,s,d,h){return Promise.reject(new n(o.ErrorCodes.NotImplemented,"Argon2 not implemented"))},e.exports.configure=function(e,t,r){d=e,s=t,h=r}}).call(this,r(13))},function(e,t,r){"use strict";(function(t){var i=r(2),n=r(1),o=r(6),a=r(7),s=r(9),d=r(0),h=r(8),u=r(16),l=/\.\d\d\d/,c=t.DOMParser?t:r(44),f=t.DOMParser?void 0:{errorHandler:{error:function(e){throw e},fatalError:function(e){throw e}}},p=62135596800;function m(e){var t,r=f?new c.DOMParser(f):new c.DOMParser;try{t=r.parseFromString(e,"application/xml")}catch(e){throw new i(n.ErrorCodes.FileCorrupt,"bad xml: "+e.message)}if(!t.documentElement)throw new i(n.ErrorCodes.FileCorrupt,"bad xml");var o=t.getElementsByTagName("parsererror")[0];if(o)throw new i(n.ErrorCodes.FileCorrupt,"bad xml: "+o.textContent);return t}function y(e,t){var r=e.childNodes.length;if(0!==r){for(var i,n="\n"+"    ".repeat(t),o=t>0?"\n"+"    ".repeat(t-1):"",a=e.ownerDocument||e,s=[],d=0;d<r;d++)(i=e.childNodes[d]).nodeType!==a.TEXT_NODE&&i.nodeType!==a.PROCESSING_INSTRUCTION_NODE&&s.push(i);for(var h=0;h<s.length;h++){if(i=s[h],!(0===t&&0===h)){var u=a.createTextNode(n);e.insertBefore(u,i)}if(!i.nextSibling&&t>0){var l=a.createTextNode(o);e.appendChild(l)}y(i,t+1)}}}function g(e){if(e&&e.childNodes)return e.protectedValue?e.protectedValue.text:e.textContent}function _(e,t){e.textContent=t||""}function b(e){var t=g(e);return t?d.arrayToBuffer(d.base64ToBytes(t)):void 0}function v(e,t){"string"==typeof t&&(t=d.base64ToBytes(t)),_(e,t?d.bytesToBase64(d.arrayToBuffer(t)):void 0)}function w(e){switch(e&&e.toLowerCase&&e.toLowerCase()){case"true":return!0;case"false":return!1;case"null":return null}}function k(e,t){t(e);for(var r=0,i=e.childNodes,n=i.length;r<n;r++){var o=i[r];o.tagName&&k(o,t)}}e.exports.parse=m,e.exports.serialize=function(e,t){t&&y(e,0);var r=(new c.XMLSerializer).serializeToString(e);return t&&r.startsWith("<?")&&(r=r.replace(/^(<\?.*?\?>)</,"$1\n<")),r},e.exports.create=function(e){return m('<?xml version="1.0" encoding="utf-8" standalone="yes"?><'+e+"/>")},e.exports.getChildNode=function(e,t,r){if(e&&e.childNodes)for(var o=0,a=e.childNodes,s=a.length;o<s;o++)if(a[o].tagName===t)return a[o];if(r)throw new i(n.ErrorCodes.FileCorrupt,r);return null},e.exports.addChildNode=function(e,t){return e.appendChild((e.ownerDocument||e).createElement(t))},e.exports.getText=g,e.exports.setText=_,e.exports.getBytes=b,e.exports.setBytes=v,e.exports.getDate=function(e){var t=g(e);if(t){if(t.indexOf(":")>0)return new Date(t);var r=new DataView(d.arrayToBuffer(d.base64ToBytes(t))),i=new h(r.getUint32(0,!0),r.getUint32(4,!0)).value;return new Date(1e3*(i-p))}},e.exports.setDate=function(e,t,r){if(t)if(r){var i=Math.floor(t.getTime()/1e3)+p,n=new DataView(new ArrayBuffer(8)),o=h.from(i);n.setUint32(0,o.lo,!0),n.setUint32(4,o.hi,!0),_(e,d.bytesToBase64(n.buffer))}else _(e,t.toISOString().replace(l,""));else _(e,"")},e.exports.getNumber=function(e){var t=g(e);return t?+t:void 0},e.exports.setNumber=function(e,t){_(e,"number"!=typeof t||isNaN(t)?void 0:t.toString())},e.exports.getBoolean=function(e){var t=g(e);return t?w(t):void 0},e.exports.setBoolean=function(e,t){_(e,void 0===t?"":null===t?"null":t?"True":"False")},e.exports.strToBoolean=w,e.exports.getUuid=function(e){var t=b(e);return t?new a(t):void 0},e.exports.setUuid=function(e,t){v(e,t instanceof a?t.toBytes():t)},e.exports.getProtectedText=function(e){return e.protectedValue||e.textContent},e.exports.setProtectedText=function(e,t){t instanceof s?(e.protectedValue=t,e.setAttribute(o.Attr.Protected,"True")):_(e,t)},e.exports.getProtectedBinary=function(e){if(e.protectedValue)return e.protectedValue;var t=e.textContent,r=e.getAttribute(o.Attr.Ref);if(r)return{ref:r};if(t){var i=w(e.getAttribute(o.Attr.Compressed)),n=d.base64ToBytes(t);return i&&(n=u.ungzip(n)),d.arrayToBuffer(n)}},e.exports.setProtectedBinary=function(e,t){t instanceof s?(e.protectedValue=t,e.setAttribute(o.Attr.Protected,"True")):t&&t.ref?e.setAttribute(o.Attr.Ref,t.ref):v(e,t)},e.exports.setProtectedValues=function(e,t){k(e,(function(e){if(w(e.getAttribute(o.Attr.Protected)))try{var r=d.arrayToBuffer(d.base64ToBytes(e.textContent));if(r.byteLength){var a=t.getSalt(r.byteLength);e.protectedValue=new s(r,a)}}catch(t){throw new i(n.ErrorCodes.FileCorrupt,"bad protected value at line "+e.lineNumber+": "+t)}}))},e.exports.updateProtectedValuesSalt=function(e,t){k(e,(function(e){if(w(e.getAttribute(o.Attr.Protected))&&e.protectedValue){var r=t.getSalt(e.protectedValue.byteLength);e.protectedValue.setSalt(r),e.textContent=e.protectedValue.toString()}}))},e.exports.unprotectValues=function(e){k(e,(function(e){w(e.getAttribute(o.Attr.Protected))&&e.protectedValue&&(e.removeAttribute(o.Attr.Protected),e.setAttribute(o.Attr.ProtectedInMemPlainXml,"True"),e.textContent=e.protectedValue.getText())}))},e.exports.protectUnprotectedValues=function(e){k(e,(function(e){w(e.getAttribute(o.Attr.ProtectedInMemPlainXml))&&e.protectedValue&&(e.removeAttribute(o.Attr.ProtectedInMemPlainXml),e.setAttribute(o.Attr.Protected,"True"),e.textContent=e.protectedValue.toString())}))},e.exports.protectPlainValues=function(e){k(e,(function(e){w(e.getAttribute(o.Attr.ProtectedInMemPlainXml))&&(e.protectedValue=s.fromString(e.textContent),e.textContent=e.protectedValue.toString(),e.removeAttribute(o.Attr.ProtectedInMemPlainXml),e.setAttribute(o.Attr.Protected,"True"))}))}}).call(this,r(13))},function(e,t,r){"use strict";var i="undefined"!=typeof Uint8Array&&"undefined"!=typeof Uint16Array&&"undefined"!=typeof Int32Array;t.assign=function(e){for(var t=Array.prototype.slice.call(arguments,1);t.length;){var r=t.shift();if(r){if("object"!=typeof r)throw new TypeError(r+"must be non-object");for(var i in r)r.hasOwnProperty(i)&&(e[i]=r[i])}}return e},t.shrinkBuf=function(e,t){return e.length===t?e:e.subarray?e.subarray(0,t):(e.length=t,e)};var n={arraySet:function(e,t,r,i,n){if(t.subarray&&e.subarray)e.set(t.subarray(r,r+i),n);else for(var o=0;o<i;o++)e[n+o]=t[r+o]},flattenChunks:function(e){var t,r,i,n,o,a;for(i=0,t=0,r=e.length;t<r;t++)i+=e[t].length;for(a=new Uint8Array(i),n=0,t=0,r=e.length;t<r;t++)o=e[t],a.set(o,n),n+=o.length;return a}},o={arraySet:function(e,t,r,i,n){for(var o=0;o<i;o++)e[n+o]=t[r+o]},flattenChunks:function(e){return[].concat.apply([],e)}};t.setTyped=function(e){e?(t.Buf8=Uint8Array,t.Buf16=Uint16Array,t.Buf32=Int32Array,t.assign(t,n)):(t.Buf8=Array,t.Buf16=Array,t.Buf32=Array,t.assign(t,o))},t.setTyped(i)},function(e,t,r){"use strict";e.exports={Elem:{DocNode:"KeePassFile",Meta:"Meta",Root:"Root",Group:"Group",Entry:"Entry",Generator:"Generator",HeaderHash:"HeaderHash",SettingsChanged:"SettingsChanged",DbName:"DatabaseName",DbNameChanged:"DatabaseNameChanged",DbDesc:"DatabaseDescription",DbDescChanged:"DatabaseDescriptionChanged",DbDefaultUser:"DefaultUserName",DbDefaultUserChanged:"DefaultUserNameChanged",DbMntncHistoryDays:"MaintenanceHistoryDays",DbColor:"Color",DbKeyChanged:"MasterKeyChanged",DbKeyChangeRec:"MasterKeyChangeRec",DbKeyChangeForce:"MasterKeyChangeForce",RecycleBinEnabled:"RecycleBinEnabled",RecycleBinUuid:"RecycleBinUUID",RecycleBinChanged:"RecycleBinChanged",EntryTemplatesGroup:"EntryTemplatesGroup",EntryTemplatesGroupChanged:"EntryTemplatesGroupChanged",HistoryMaxItems:"HistoryMaxItems",HistoryMaxSize:"HistoryMaxSize",LastSelectedGroup:"LastSelectedGroup",LastTopVisibleGroup:"LastTopVisibleGroup",MemoryProt:"MemoryProtection",ProtTitle:"ProtectTitle",ProtUserName:"ProtectUserName",ProtPassword:"ProtectPassword",ProtUrl:"ProtectURL",ProtNotes:"ProtectNotes",CustomIcons:"CustomIcons",CustomIconItem:"Icon",CustomIconItemID:"UUID",CustomIconItemData:"Data",AutoType:"AutoType",History:"History",Name:"Name",Notes:"Notes",Uuid:"UUID",Icon:"IconID",CustomIconID:"CustomIconUUID",FgColor:"ForegroundColor",BgColor:"BackgroundColor",OverrideUrl:"OverrideURL",Times:"Times",Tags:"Tags",CreationTime:"CreationTime",LastModTime:"LastModificationTime",LastAccessTime:"LastAccessTime",ExpiryTime:"ExpiryTime",Expires:"Expires",UsageCount:"UsageCount",LocationChanged:"LocationChanged",GroupDefaultAutoTypeSeq:"DefaultAutoTypeSequence",EnableAutoType:"EnableAutoType",EnableSearching:"EnableSearching",String:"String",Binary:"Binary",Key:"Key",Value:"Value",AutoTypeEnabled:"Enabled",AutoTypeObfuscation:"DataTransferObfuscation",AutoTypeDefaultSeq:"DefaultSequence",AutoTypeItem:"Association",Window:"Window",KeystrokeSequence:"KeystrokeSequence",Binaries:"Binaries",IsExpanded:"IsExpanded",LastTopVisibleEntry:"LastTopVisibleEntry",DeletedObjects:"DeletedObjects",DeletedObject:"DeletedObject",DeletionTime:"DeletionTime",CustomData:"CustomData",StringDictExItem:"Item"},Attr:{Id:"ID",Ref:"Ref",Protected:"Protected",ProtectedInMemPlainXml:"ProtectInMemory",Compressed:"Compressed"},Val:{False:"False",True:"True"}}},function(e,t,r){"use strict";var i=r(0),n=r(10);function o(e){if(void 0===e&&(e=new ArrayBuffer(16)),"string"==typeof e&&(e=i.base64ToBytes(e)),this.id=16===e.byteLength?i.bytesToBase64(e):void 0,this.empty=!0,e)for(var t=new Uint8Array(e),r=0,n=t.length;r<n;r++)if(0!==t[r])return void(this.empty=!1)}o.prototype.equals=function(e){return e&&e.toString()===this.toString()||!1},Object.defineProperty(o.prototype,"bytes",{enumerable:!0,get:function(){return i.base64ToBytes(this.id)}}),o.random=function(){return new o(n.getBytes(16))},o.prototype.toString=function(){return this.id},o.prototype.valueOf=function(){return this.id},o.prototype.toBytes=function(){return this.id?i.base64ToBytes(this.id):void 0},e.exports=o},function(e,t,r){"use strict";function i(e,t){this.lo=e||0,this.hi=t||0}Object.defineProperty(i.prototype,"value",{enumerable:!0,get:function(){if(this.hi){if(this.hi>=2097152)throw new Error("too large number");return 4294967296*this.hi+this.lo}return this.lo}}),i.prototype.valueOf=function(){return this.value},i.from=function(e){if(e>9007199254740991)throw new Error("too large number");var t=e>>>0;return new i(t,(e-t)/4294967296>>>0)},e.exports=i},function(e,t,r){"use strict";var i=r(0),n=r(3),o=r(10),a=function(e,t){Object.defineProperty(this,"_value",{value:new Uint8Array(e)}),Object.defineProperty(this,"_salt",{value:new Uint8Array(t)})};a.prototype.toString=function(){return i.bytesToBase64(this._value)},a.fromString=function(e){for(var t=i.stringToBytes(e),r=o.getBytes(t.length),n=0,s=t.length;n<s;n++)t[n]^=r[n];return new a(i.arrayToBuffer(t),i.arrayToBuffer(r))},a.fromBinary=function(e){for(var t=new Uint8Array(e),r=o.getBytes(t.length),n=0,s=t.length;n<s;n++)t[n]^=r[n];return new a(i.arrayToBuffer(t),i.arrayToBuffer(r))},a.prototype.includes=function(e){if(0===e.length)return!1;var t,r,n=this._value,o=this._salt,a=i.stringToBytes(e),s=n.length,d=a.length,h=s-d;e:for(t=0;t<=h;t++){for(r=0;r<d;r++)if((n[t+r]^o[t+r])!==a[r])continue e;return!0}return!1},a.prototype.getHash=function(){var e=i.arrayToBuffer(this.getBinary());return n.sha256(e).then((function(t){return i.zeroBuffer(e),t}))},a.prototype.getText=function(){return i.bytesToString(this.getBinary())},a.prototype.getBinary=function(){for(var e=this._value,t=this._salt,r=new Uint8Array(e.byteLength),i=r.length-1;i>=0;i--)r[i]=e[i]^t[i];return r},a.prototype.setSalt=function(e){for(var t=new Uint8Array(e),r=this._value,i=this._salt,n=0,o=r.length;n<o;n++)r[n]=r[n]^i[n]^t[n],i[n]=t[n]},a.prototype.clone=function(){return new a(this._value,this._salt)},Object.defineProperty(a.prototype,"byteLength",{enumerable:!0,get:function(){return this._value.byteLength}}),e.exports=a},function(e,t,r){"use strict";for(var i=r(23),n=r(3),o=new Uint8Array(32),a=new Uint8Array(8),s=0;s<o.length;s++)o[s]=255*Math.random();for(var d=0;d<a.length;d++)a[s]=255*Math.random();var h=new i(o,a);e.exports.getBytes=function(e){if(!e)return new Uint8Array(0);h.getBytes(Math.round(Math.random()*e)+1);for(var t=h.getBytes(e),r=n.random(e),i=r.length-1;i>=0;--i)t[i]^=r[i];return t}},function(e,t,r){"use strict";function i(e){this._arrayBuffer=e||new ArrayBuffer(1024),this._dataView=new DataView(this._arrayBuffer),this._pos=0,this._canExpand=!e}["Int","Uint","Float"].forEach((function(e){("Float"===e?[4,8]:[1,2,4]).forEach((function(t){var r="get"+e+8*t;i.prototype[r]=function(e){var i=this._dataView[r].call(this._dataView,this._pos,e);return this._pos+=t,i};var n="set"+e+8*t;i.prototype[n]=function(e,r){this._checkCapacity(t),this._dataView[n].call(this._dataView,this._pos,e,r),this._pos+=t}}))})),i.prototype.getUint64=function(e){var t=this.getUint32(e),r=this.getUint32(e);return e?r*=4294967296:t*=4294967296,t+r},i.prototype.setUint64=function(e,t){t?(this.setUint32(4294967295&e,!0),this.setUint32(Math.floor(e/4294967296),!0)):(this._checkCapacity(8),this.setUint32(Math.floor(e/4294967296),!1),this.setUint32(4294967295&e,!1))},i.prototype.readBytes=function(e){var t=this._arrayBuffer.slice(this._pos,this._pos+e);return this._pos+=e,t},i.prototype.readBytesToEnd=function(){var e=this._arrayBuffer.byteLength-this._pos;return this.readBytes(e)},i.prototype.readBytesNoAdvance=function(e,t){return this._arrayBuffer.slice(e,t)},i.prototype.writeBytes=function(e){e instanceof ArrayBuffer&&(e=new Uint8Array(e)),this._checkCapacity(e.length),new Uint8Array(this._arrayBuffer).set(e,this._pos),this._pos+=e.length},i.prototype.getWrittenBytes=function(){return this._arrayBuffer.slice(0,this._pos)},i.prototype._checkCapacity=function(e){var t=this._arrayBuffer.byteLength-this._pos;if(this._canExpand&&t<e){for(var r=this._arrayBuffer.byteLength,i=this._pos+e;r<i;)r*=2;var n=new Uint8Array(r);n.set(new Uint8Array(this._arrayBuffer)),this._arrayBuffer=n.buffer,this._dataView=new DataView(this._arrayBuffer)}},Object.defineProperty(i.prototype,"pos",{enumerable:!0,get:function(){return this._pos}}),Object.defineProperty(i.prototype,"byteLength",{enumerable:!0,get:function(){return this._arrayBuffer.byteLength}}),e.exports=i},function(e,t,r){"use strict";e.exports={2:"need dictionary",1:"stream end",0:"","-1":"file error","-2":"stream error","-3":"data error","-4":"insufficient memory","-5":"buffer error","-6":"incompatible version"}},function(e,t){var r;r=function(){return this}();try{r=r||new Function("return this")()}catch(e){"object"==typeof window&&(r=window)}e.exports=r},function(e,t,r){"use strict";var i=r(2),n=r(1),o=r(0),a=r(8),s={UInt32:4,UInt64:5,Bool:8,Int32:12,Int64:13,String:24,Bytes:66};function d(){this._items=[],this._dict={},Object.preventExtensions(this)}d.ValueType=s,d.prototype.get=function(e){var t=this._dict[e];return t?t.value:void 0},d.prototype.keys=function(){return this._items.map((function(e){return e.key}))},Object.defineProperty(d.prototype,"length",{enumberable:!0,get:function(){return this._items.length}}),d.prototype.set=function(e,t,r){switch(t){case s.UInt32:if("number"!=typeof r||r<0)throw new i(n.ErrorCodes.InvalidArg);break;case s.UInt64:if(!(r instanceof a))throw new i(n.ErrorCodes.InvalidArg);break;case s.Bool:if("boolean"!=typeof r)throw new i(n.ErrorCodes.InvalidArg);break;case s.Int32:if("number"!=typeof r)throw new i(n.ErrorCodes.InvalidArg);break;case s.Int64:if(!(r instanceof a))throw new i(n.ErrorCodes.InvalidArg);break;case s.String:if("string"!=typeof r)throw new i(n.ErrorCodes.InvalidArg);break;case s.Bytes:if(r instanceof Uint8Array&&(r=o.arrayToBuffer(r)),!(r instanceof ArrayBuffer))throw new i(n.ErrorCodes.InvalidArg);break;default:throw new i(n.ErrorCodes.InvalidArg)}var d={key:e,type:t,value:r};if(this._dict[e]){var h=this._items.indexOf(this._dict[e]);this._items.splice(h,1,d)}else this._items.push(d);this._dict[e]=d},d.prototype.remove=function(e){this._items=this._items.filter((function(t){return t.key!==e})),delete this._dict[e]},d.read=function(e){var t=new d;for(t._readVersion(e);;){var r=t._readItem(e);if(!r)break;t._items.push(r),t._dict[r.key]=r}return t},d.prototype._readVersion=function(e){e.getUint8();var t=e.getUint8();if(0===t||t>1)throw new i(n.ErrorCodes.InvalidVersion)},d.prototype._readItem=function(e){var t=e.getUint8();if(!t)return!1;var r=e.getInt32(!0);if(r<=0)throw new i(n.ErrorCodes.FileCorrupt,"bad key length");var d,h=o.bytesToString(e.readBytes(r)),u=e.getInt32(!0);if(u<0)throw new i(n.ErrorCodes.FileCorrupt,"bad value length");switch(t){case s.UInt32:if(4!==u)throw new i(n.ErrorCodes.FileCorrupt,"bad uint32");d=e.getUint32(!0);break;case s.UInt64:if(8!==u)throw new i(n.ErrorCodes.FileCorrupt,"bad uint64");var l=e.getUint32(!0),c=e.getUint32(!0);d=new a(l,c);break;case s.Bool:if(1!==u)throw new i(n.ErrorCodes.FileCorrupt,"bad bool");d=0!==e.getUint8();break;case s.Int32:if(4!==u)throw new i(n.ErrorCodes.FileCorrupt,"bad int32");d=e.getInt32(!0);break;case s.Int64:if(8!==u)throw new i(n.ErrorCodes.FileCorrupt,"bad int64");var f=e.getUint32(!0),p=e.getUint32(!0);d=new a(f,p);break;case s.String:d=o.bytesToString(e.readBytes(u));break;case s.Bytes:d=e.readBytes(u);break;default:throw new i(n.ErrorCodes.FileCorrupt,"bad value type: "+t)}return{key:h,type:t,value:d}},d.prototype.write=function(e){this._writeVersion(e),Object.keys(this._items).forEach((function(t){this._writeItem(e,this._items[t])}),this),e.setUint8(0)},d.prototype._writeVersion=function(e){e.setUint16(256,!0)},d.prototype._writeItem=function(e,t){e.setUint8(t.type);var r=o.stringToBytes(t.key);switch(e.setInt32(r.length,!0),e.writeBytes(r),t.type){case s.UInt32:e.setInt32(4,!0),e.setUint32(t.value,!0);break;case s.UInt64:e.setInt32(8,!0),e.setUint32(t.value.lo,!0),e.setUint32(t.value.hi,!0);break;case s.Bool:e.setInt32(1,!0),e.setUint8(t.value?1:0);break;case s.Int32:e.setInt32(4,!0),e.setInt32(t.value,!0);break;case s.Int64:e.setInt32(8,!0),e.setUint32(t.value.lo,!0),e.setUint32(t.value.hi,!0);break;case s.String:var a=o.stringToBytes(t.value);e.setInt32(a.length,!0),e.writeBytes(a);break;case s.Bytes:var d=o.arrayToBuffer(t.value);e.setInt32(d.byteLength,!0),e.writeBytes(d);break;default:throw new i(n.ErrorCodes.Unsupported)}},e.exports=d},function(e,t,r){"use strict";var i=r(6),n=r(4),o={read:function(e){for(var t={},r=0,n=e.childNodes,a=n.length;r<a;r++){var s=n[r];s.tagName===i.Elem.StringDictExItem&&o._readItem(s,t)}return t},write:function(e,t){if(t){var r=n.addChildNode(e,i.Elem.CustomData);Object.keys(t).forEach((function(e){var o=t[e];if(o){var a=n.addChildNode(r,i.Elem.StringDictExItem);n.setText(n.addChildNode(a,i.Elem.Key),e),n.setText(n.addChildNode(a,i.Elem.Value),o)}}))}},_readItem:function(e,t){for(var r,o,a=0,s=e.childNodes,d=s.length;a<d;a++){var h=s[a];switch(h.tagName){case i.Elem.Key:r=n.getText(h);break;case i.Elem.Value:o=n.getText(h)}}r&&(t[r]=o)}};e.exports=o},function(e,t,r){"use strict";var i={};(0,r(5).assign)(i,r(32),r(35),r(21)),e.exports=i},function(e,t,r){"use strict";e.exports=function(e,t,r,i){for(var n=65535&e|0,o=e>>>16&65535|0,a=0;0!==r;){r-=a=r>2e3?2e3:r;do{o=o+(n=n+t[i++]|0)|0}while(--a);n%=65521,o%=65521}return n|o<<16|0}},function(e,t,r){"use strict";var i=function(){for(var e,t=[],r=0;r<256;r++){e=r;for(var i=0;i<8;i++)e=1&e?3988292384^e>>>1:e>>>1;t[r]=e}return t}();e.exports=function(e,t,r,n){var o=i,a=n+r;e^=-1;for(var s=n;s<a;s++)e=e>>>8^o[255&(e^t[s])];return-1^e}},function(e,t,r){"use strict";var i=r(5),n=!0,o=!0;try{String.fromCharCode.apply(null,[0])}catch(e){n=!1}try{String.fromCharCode.apply(null,new Uint8Array(1))}catch(e){o=!1}for(var a=new i.Buf8(256),s=0;s<256;s++)a[s]=s>=252?6:s>=248?5:s>=240?4:s>=224?3:s>=192?2:1;function d(e,t){if(t<65537&&(e.subarray&&o||!e.subarray&&n))return String.fromCharCode.apply(null,i.shrinkBuf(e,t));for(var r="",a=0;a<t;a++)r+=String.fromCharCode(e[a]);return r}a[254]=a[254]=1,t.string2buf=function(e){var t,r,n,o,a,s=e.length,d=0;for(o=0;o<s;o++)55296==(64512&(r=e.charCodeAt(o)))&&o+1<s&&56320==(64512&(n=e.charCodeAt(o+1)))&&(r=65536+(r-55296<<10)+(n-56320),o++),d+=r<128?1:r<2048?2:r<65536?3:4;for(t=new i.Buf8(d),a=0,o=0;a<d;o++)55296==(64512&(r=e.charCodeAt(o)))&&o+1<s&&56320==(64512&(n=e.charCodeAt(o+1)))&&(r=65536+(r-55296<<10)+(n-56320),o++),r<128?t[a++]=r:r<2048?(t[a++]=192|r>>>6,t[a++]=128|63&r):r<65536?(t[a++]=224|r>>>12,t[a++]=128|r>>>6&63,t[a++]=128|63&r):(t[a++]=240|r>>>18,t[a++]=128|r>>>12&63,t[a++]=128|r>>>6&63,t[a++]=128|63&r);return t},t.buf2binstring=function(e){return d(e,e.length)},t.binstring2buf=function(e){for(var t=new i.Buf8(e.length),r=0,n=t.length;r<n;r++)t[r]=e.charCodeAt(r);return t},t.buf2string=function(e,t){var r,i,n,o,s=t||e.length,h=new Array(2*s);for(i=0,r=0;r<s;)if((n=e[r++])<128)h[i++]=n;else if((o=a[n])>4)h[i++]=65533,r+=o-1;else{for(n&=2===o?31:3===o?15:7;o>1&&r<s;)n=n<<6|63&e[r++],o--;o>1?h[i++]=65533:n<65536?h[i++]=n:(n-=65536,h[i++]=55296|n>>10&1023,h[i++]=56320|1023&n)}return d(h,i)},t.utf8border=function(e,t){var r;for((t=t||e.length)>e.length&&(t=e.length),r=t-1;r>=0&&128==(192&e[r]);)r--;return r<0||0===r?t:r+a[e[r]]>t?r:t}},function(e,t,r){"use strict";e.exports=function(){this.input=null,this.next_in=0,this.avail_in=0,this.total_in=0,this.output=null,this.next_out=0,this.avail_out=0,this.total_out=0,this.msg="",this.state=null,this.data_type=2,this.adler=0}},function(e,t,r){"use strict";e.exports={Z_NO_FLUSH:0,Z_PARTIAL_FLUSH:1,Z_SYNC_FLUSH:2,Z_FULL_FLUSH:3,Z_FINISH:4,Z_BLOCK:5,Z_TREES:6,Z_OK:0,Z_STREAM_END:1,Z_NEED_DICT:2,Z_ERRNO:-1,Z_STREAM_ERROR:-2,Z_DATA_ERROR:-3,Z_BUF_ERROR:-5,Z_NO_COMPRESSION:0,Z_BEST_SPEED:1,Z_BEST_COMPRESSION:9,Z_DEFAULT_COMPRESSION:-1,Z_FILTERED:1,Z_HUFFMAN_ONLY:2,Z_RLE:3,Z_FIXED:4,Z_DEFAULT_STRATEGY:0,Z_BINARY:0,Z_TEXT:1,Z_UNKNOWN:2,Z_DEFLATED:8}},function(e,t,r){"use strict";var i=r(7),n=r(1),o=r(9),a=r(2),s=r(11),d=r(0),h=r(14),u=r(8),l=r(10),c=[{name:"EndOfHeader"},{name:"Comment"},{name:"CipherID"},{name:"CompressionFlags"},{name:"MasterSeed"},{name:"TransformSeed",ver:[3]},{name:"TransformRounds",ver:[3]},{name:"EncryptionIV"},{name:"ProtectedStreamKey",ver:[3]},{name:"StreamStartBytes",ver:[3]},{name:"InnerRandomStreamID",ver:[3]},{name:"KdfParameters",ver:[4]},{name:"PublicCustomData",ver:[4]}],f=[{name:"EndOfHeader"},{name:"InnerRandomStreamID"},{name:"InnerRandomStreamKey"},{name:"Binary",skipHeader:!0}],p={DefaultFileVersionMajor:4,DefaultFileVersionMinor:0,MaxFileVersionMajor:4,MaxFileVersionMinor:1,MaxSupportedVersion:4,FlagBinaryProtected:1,InnerHeaderBinaryFieldId:3,DefaultKdfAlgo:n.KdfId.Argon2,DefaultKdfSaltLength:32,DefaultKdfParallelism:1,DefaultKdfIterations:2,DefaultKdfMemory:1048576,DefaultKdfVersion:19},m={3:1,4:0},y=function(){this.versionMajor=void 0,this.versionMinor=void 0,this.dataCipherUuid=void 0,this.compression=void 0,this.masterSeed=void 0,this.transformSeed=void 0,this.keyEncryptionRounds=void 0,this.encryptionIV=void 0,this.protectedStreamKey=void 0,this.streamStartBytes=void 0,this.crsAlgorithm=void 0,this.endPos=void 0,this.kdfParameters=void 0,this.publicCustomData=void 0,Object.preventExtensions(this)};y.prototype._readSignature=function(e){if(e.byteLength<8)throw new a(n.ErrorCodes.FileCorrupt,"not enough data");var t=e.getUint32(!0),r=e.getUint32(!0);if(t!==n.Signatures.FileMagic||r!==n.Signatures.Sig2Kdbx)throw new a(n.ErrorCodes.BadSignature)},y.prototype._writeSignature=function(e){e.setUint32(n.Signatures.FileMagic,!0),e.setUint32(n.Signatures.Sig2Kdbx,!0)},y.prototype._readVersion=function(e){var t=e.getUint16(!0),r=e.getUint16(!0);if(r>p.MaxSupportedVersion)throw new a(n.ErrorCodes.InvalidVersion);this.versionMinor=t,this.versionMajor=r},y.prototype._writeVersion=function(e){e.setUint16(this.versionMinor,!0),e.setUint16(this.versionMajor,!0)},y.prototype._readCipherID=function(e){if(16!==e.byteLength)throw new a(n.ErrorCodes.Unsupported,"cipher");this.dataCipherUuid=new i(e)},y.prototype._writeCipherID=function(e){this._writeFieldSize(e,16),e.writeBytes(this.dataCipherUuid.bytes)},y.prototype._readCompressionFlags=function(e){var t=new DataView(e).getUint32(e,!0);if(t<0||t>=Object.keys(n.CompressionAlgorithm).length)throw new a(n.ErrorCodes.Unsupported,"compression");this.compression=t},y.prototype._writeCompressionFlags=function(e){this._writeFieldSize(e,4),e.setUint32(this.compression,!0)},y.prototype._readMasterSeed=function(e){this.masterSeed=e},y.prototype._writeMasterSeed=function(e){this._writeFieldBytes(e,this.masterSeed)},y.prototype._readTransformSeed=function(e){this.transformSeed=e},y.prototype._writeTransformSeed=function(e){this._writeFieldBytes(e,this.transformSeed)},y.prototype._readTransformRounds=function(e){this.keyEncryptionRounds=new s(e).getUint64(!0)},y.prototype._writeTransformRounds=function(e){this._writeFieldSize(e,8),e.setUint64(this.keyEncryptionRounds,!0)},y.prototype._readEncryptionIV=function(e){this.encryptionIV=e},y.prototype._writeEncryptionIV=function(e){this._writeFieldBytes(e,this.encryptionIV)},y.prototype._readProtectedStreamKey=function(e){this.protectedStreamKey=e},y.prototype._writeProtectedStreamKey=function(e){this._writeFieldBytes(e,this.protectedStreamKey)},y.prototype._readStreamStartBytes=function(e){this.streamStartBytes=e},y.prototype._writeStreamStartBytes=function(e){this._writeFieldBytes(e,this.streamStartBytes)},y.prototype._readInnerRandomStreamID=function(e){this.crsAlgorithm=new DataView(e).getUint32(e,!0)},y.prototype._writeInnerRandomStreamID=function(e){this._writeFieldSize(e,4),e.setUint32(this.crsAlgorithm,!0)},y.prototype._readInnerRandomStreamKey=function(e){this.protectedStreamKey=e},y.prototype._writeInnerRandomStreamKey=function(e){this._writeFieldBytes(e,this.protectedStreamKey)},y.prototype._readKdfParameters=function(e){this.kdfParameters=h.read(new s(e))},y.prototype._writeKdfParameters=function(e){var t=new s;this.kdfParameters.write(t),this._writeFieldBytes(e,t.getWrittenBytes())},y.prototype._readPublicCustomData=function(e){this.publicCustomData=h.read(new s(e))},y.prototype._hasPublicCustomData=function(){return this.publicCustomData},y.prototype._writePublicCustomData=function(e){if(this.publicCustomData){var t=new s;this.publicCustomData.write(t),this._writeFieldBytes(e,t.getWrittenBytes())}},y.prototype._readBinary=function(e,t){var r=new DataView(e).getUint8(0)&p.FlagBinaryProtected,i=e.slice(1),n=r?o.fromBinary(i):i,a=Object.keys(t.kdbx.binaries).length;t.kdbx.binaries[a]=n},y.prototype._writeBinary=function(e,t){if(!(this.versionMajor<4))for(var r=t.kdbx.binaries.hashOrder,i=0;i<r.length;i++){e.setUint8(p.InnerHeaderBinaryFieldId);var s=t.kdbx.binaries[r[i]];if(!s)throw new a(n.ErrorCodes.FileCorrupt,"no binary "+i);if(s instanceof o){var h=s.getBinary();this._writeFieldSize(e,h.byteLength+1),e.setUint8(p.FlagBinaryProtected),e.writeBytes(h),d.zeroBuffer(h)}else s=d.arrayToBuffer(s),this._writeFieldSize(e,s.byteLength+1),e.setUint8(0),e.writeBytes(s)}},y.prototype._writeEndOfHeader=function(e){this._writeFieldSize(e,4),e.setUint32(13675786)},y.prototype._readField=function(e,t,r){var i,n=e.getUint8(),o=this._readFieldSize(e);o>0&&(i=e.readBytes(o));var a=t[n];if(a){var s=this["_read"+a.name];s&&s.call(this,i,r)}return 0!==n},y.prototype._writeField=function(e,t,r,i){var n=r[t];if(n){if(n.ver&&n.ver.indexOf(this.versionMajor)<0)return;var o=this["_write"+n.name];if(o){var a=this["_has"+n.name];if(a&&!a.call(this))return;n.skipHeader||e.setUint8(t),o.call(this,e,i)}}},y.prototype._readFieldSize=function(e){return this.versionMajor>=4?e.getUint32(!0):e.getUint16(!0)},y.prototype._writeFieldSize=function(e,t){this.versionMajor>=4?e.setUint32(t,!0):e.setUint16(t,!0)},y.prototype._writeFieldBytes=function(e,t){this._writeFieldSize(e,t.byteLength),e.writeBytes(t)},y.prototype._validate=function(){if(void 0===this.dataCipherUuid)throw new a(n.ErrorCodes.FileCorrupt,"no cipher in header");if(void 0===this.compression)throw new a(n.ErrorCodes.FileCorrupt,"no compression in header");if(!this.masterSeed)throw new a(n.ErrorCodes.FileCorrupt,"no master seed in header");if(this.versionMajor<4&&!this.transformSeed)throw new a(n.ErrorCodes.FileCorrupt,"no transform seed in header");if(this.versionMajor<4&&!this.keyEncryptionRounds)throw new a(n.ErrorCodes.FileCorrupt,"no key encryption rounds in header");if(!this.encryptionIV)throw new a(n.ErrorCodes.FileCorrupt,"no encryption iv in header");if(this.versionMajor<4&&!this.protectedStreamKey)throw new a(n.ErrorCodes.FileCorrupt,"no protected stream key in header");if(this.versionMajor<4&&!this.streamStartBytes)throw new a(n.ErrorCodes.FileCorrupt,"no stream start bytes in header");if(this.versionMajor<4&&!this.crsAlgorithm)throw new a(n.ErrorCodes.FileCorrupt,"no crs algorithm in header");if(this.versionMajor>=4&&!this.kdfParameters)throw new a(n.ErrorCodes.FileCorrupt,"no kdf parameters in header")},y.prototype._validateInner=function(){if(!this.protectedStreamKey)throw new a(n.ErrorCodes.FileCorrupt,"no protected stream key in header");if(!this.crsAlgorithm)throw new a(n.ErrorCodes.FileCorrupt,"no crs algorithm in header")},y.prototype._createKdfParameters=function(e){switch(e||(e=p.DefaultKdfAlgo),e){case n.KdfId.Argon2:this.kdfParameters=new h,this.kdfParameters.set("$UUID",h.ValueType.Bytes,d.base64ToBytes(n.KdfId.Argon2)),this.kdfParameters.set("S",h.ValueType.Bytes,l.getBytes(p.DefaultKdfSaltLength)),this.kdfParameters.set("P",h.ValueType.UInt32,p.DefaultKdfParallelism),this.kdfParameters.set("I",h.ValueType.UInt64,new u(p.DefaultKdfIterations)),this.kdfParameters.set("M",h.ValueType.UInt64,new u(p.DefaultKdfMemory)),this.kdfParameters.set("V",h.ValueType.UInt32,p.DefaultKdfVersion);break;case n.KdfId.Aes:this.kdfParameters=new h,this.kdfParameters.set("$UUID",h.ValueType.Bytes,d.base64ToBytes(n.KdfId.Aes)),this.kdfParameters.set("S",h.ValueType.Bytes,l.getBytes(p.DefaultKdfSaltLength)),this.kdfParameters.set("R",h.ValueType.UInt64,new u(n.Defaults.KeyEncryptionRounds));break;default:throw new a(n.ErrorCodes.InvalidArg,"bad KDF algo")}},y.prototype.write=function(e){this._validate(),this._writeSignature(e),this._writeVersion(e);for(var t=1;t<c.length;t++)this._writeField(e,t,c);this._writeField(e,0,c),this.endPos=e.pos},y.prototype.writeInnerHeader=function(e,t){this._validateInner();for(var r=1;r<f.length;r++)this._writeField(e,r,f,t);this._writeField(e,0,f)},y.prototype.generateSalts=function(){if(this.masterSeed=l.getBytes(32),this.versionMajor<4)this.transformSeed=l.getBytes(32),this.streamStartBytes=l.getBytes(32),this.protectedStreamKey=l.getBytes(32),this.encryptionIV=l.getBytes(16);else{this.protectedStreamKey=l.getBytes(64),this.kdfParameters.set("S",h.ValueType.Bytes,l.getBytes(32));var e=this.dataCipherUuid.toString()===n.CipherId.ChaCha20?12:16;this.encryptionIV=l.getBytes(e)}},y.prototype.setVersion=function(e){if(3!==e&&4!==e)throw new a(n.ErrorCodes.InvalidArg,"bad file version");this.versionMajor=e,this.versionMinor=m[e],4===this.versionMajor?(this.kdfParameters||this._createKdfParameters(),this.crsAlgorithm=n.CrsAlgorithm.ChaCha20,this.keyEncryptionRounds=void 0):(this.kdfParameters=void 0,this.crsAlgorithm=n.CrsAlgorithm.Salsa20,this.keyEncryptionRounds=n.Defaults.KeyEncryptionRounds)},y.prototype.setKdf=function(e){this._createKdfParameters(e)},y.read=function(e,t){var r=new y;for(r._readSignature(e),r._readVersion(e);r._readField(e,c,t););return r.endPos=e.pos,r._validate(),r},y.prototype.readInnerHeader=function(e,t){for(;this._readField(e,f,t););this._validateInner()},y.create=function(){var e=new y;return e.versionMajor=p.DefaultFileVersionMajor,e.versionMinor=p.DefaultFileVersionMinor,e.dataCipherUuid=new i(n.CipherId.Aes),e.compression=n.CompressionAlgorithm.GZip,e.crsAlgorithm=n.CrsAlgorithm.ChaCha20,e._createKdfParameters(),e},y.MaxFileVersion=p.MaxFileVersionMajor,e.exports=y},function(e,t,r){"use strict";function i(e,t){this.rounds=20,this.sigmaWords=[1634760805,857760878,2036477234,1797285236],this.keyWords=[],this.nonceWords=[0,0],this.counterWords=[0,0],this.block=[],this.blockUsed=64,this.setKey(e),this.setNonce(t)}i.prototype.setKey=function(e){for(var t=0,r=0;t<8;t++,r+=4)this.keyWords[t]=255&e[r]|(255&e[r+1])<<8|(255&e[r+2])<<16|(255&e[r+3])<<24;this._reset()},i.prototype.setNonce=function(e){this.nonceWords[0]=255&e[0]|(255&e[1])<<8|(255&e[2])<<16|(255&e[3])<<24,this.nonceWords[1]=255&e[4]|(255&e[5])<<8|(255&e[6])<<16|(255&e[7])<<24,this._reset()},i.prototype.getBytes=function(e){for(var t=new Uint8Array(e),r=0;r<e;r++)64===this.blockUsed&&(this._generateBlock(),this._incrementCounter(),this.blockUsed=0),t[r]=this.block[this.blockUsed],this.blockUsed++;return t},i.prototype.getHexString=function(e){for(var t=["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f"],r=[],i=this.getBytes(e),n=0;n<i.length;n++)r.push(t[i[n]>>4&15]),r.push(t[15&i[n]]);return r.join("")},i.prototype._reset=function(){this.counterWords[0]=0,this.counterWords[1]=0,this.blockUsed=64},i.prototype._incrementCounter=function(){this.counterWords[0]=this.counterWords[0]+1&4294967295,0===this.counterWords[0]&&(this.counterWords[1]=this.counterWords[1]+1&4294967295)},i.prototype._generateBlock=function(){for(var e,t=this.sigmaWords[0],r=this.keyWords[0],i=this.keyWords[1],n=this.keyWords[2],o=this.keyWords[3],a=this.sigmaWords[1],s=this.nonceWords[0],d=this.nonceWords[1],h=this.counterWords[0],u=this.counterWords[1],l=this.sigmaWords[2],c=this.keyWords[4],f=this.keyWords[5],p=this.keyWords[6],m=this.keyWords[7],y=this.sigmaWords[3],g=t,_=r,b=i,v=n,w=o,k=a,C=s,x=d,E=h,B=u,T=l,A=c,S=f,U=p,D=m,I=y,N=0;N<this.rounds;N+=2)g^=(e=(S^=(e=(E^=(e=(w^=(e=g+S)<<7|e>>>25)+g)<<9|e>>>23)+w)<<13|e>>>19)+E)<<18|e>>>14,k^=(e=(_^=(e=(U^=(e=(B^=(e=k+_)<<7|e>>>25)+k)<<9|e>>>23)+B)<<13|e>>>19)+U)<<18|e>>>14,T^=(e=(C^=(e=(b^=(e=(D^=(e=T+C)<<7|e>>>25)+T)<<9|e>>>23)+D)<<13|e>>>19)+b)<<18|e>>>14,I^=(e=(A^=(e=(x^=(e=(v^=(e=I+A)<<7|e>>>25)+I)<<9|e>>>23)+v)<<13|e>>>19)+x)<<18|e>>>14,g^=(e=(v^=(e=(b^=(e=(_^=(e=g+v)<<7|e>>>25)+g)<<9|e>>>23)+_)<<13|e>>>19)+b)<<18|e>>>14,k^=(e=(w^=(e=(x^=(e=(C^=(e=k+w)<<7|e>>>25)+k)<<9|e>>>23)+C)<<13|e>>>19)+x)<<18|e>>>14,T^=(e=(B^=(e=(E^=(e=(A^=(e=T+B)<<7|e>>>25)+T)<<9|e>>>23)+A)<<13|e>>>19)+E)<<18|e>>>14,I^=(e=(D^=(e=(U^=(e=(S^=(e=I+D)<<7|e>>>25)+I)<<9|e>>>23)+S)<<13|e>>>19)+U)<<18|e>>>14;g+=t,_+=r,b+=i,v+=n,w+=o,k+=a,C+=s,x+=d,E+=h,B+=u,T+=l,A+=c,S+=f,U+=p,D+=m,I+=y,this.block[0]=g>>>0&255,this.block[1]=g>>>8&255,this.block[2]=g>>>16&255,this.block[3]=g>>>24&255,this.block[4]=_>>>0&255,this.block[5]=_>>>8&255,this.block[6]=_>>>16&255,this.block[7]=_>>>24&255,this.block[8]=b>>>0&255,this.block[9]=b>>>8&255,this.block[10]=b>>>16&255,this.block[11]=b>>>24&255,this.block[12]=v>>>0&255,this.block[13]=v>>>8&255,this.block[14]=v>>>16&255,this.block[15]=v>>>24&255,this.block[16]=w>>>0&255,this.block[17]=w>>>8&255,this.block[18]=w>>>16&255,this.block[19]=w>>>24&255,this.block[20]=k>>>0&255,this.block[21]=k>>>8&255,this.block[22]=k>>>16&255,this.block[23]=k>>>24&255,this.block[24]=C>>>0&255,this.block[25]=C>>>8&255,this.block[26]=C>>>16&255,this.block[27]=C>>>24&255,this.block[28]=x>>>0&255,this.block[29]=x>>>8&255,this.block[30]=x>>>16&255,this.block[31]=x>>>24&255,this.block[32]=E>>>0&255,this.block[33]=E>>>8&255,this.block[34]=E>>>16&255,this.block[35]=E>>>24&255,this.block[36]=B>>>0&255,this.block[37]=B>>>8&255,this.block[38]=B>>>16&255,this.block[39]=B>>>24&255,this.block[40]=T>>>0&255,this.block[41]=T>>>8&255,this.block[42]=T>>>16&255,this.block[43]=T>>>24&255,this.block[44]=A>>>0&255,this.block[45]=A>>>8&255,this.block[46]=A>>>16&255,this.block[47]=A>>>24&255,this.block[48]=S>>>0&255,this.block[49]=S>>>8&255,this.block[50]=S>>>16&255,this.block[51]=S>>>24&255,this.block[52]=U>>>0&255,this.block[53]=U>>>8&255,this.block[54]=U>>>16&255,this.block[55]=U>>>24&255,this.block[56]=D>>>0&255,this.block[57]=D>>>8&255,this.block[58]=D>>>16&255,this.block[59]=D>>>24&255,this.block[60]=I>>>0&255,this.block[61]=I>>>8&255,this.block[62]=I>>>16&255,this.block[63]=I>>>24&255},e.exports=i},function(e,t,r){"use strict";function i(e,t){this.sigmaWords=[1634760805,857760878,2036477234,1797285236],this.block=new Uint8Array(64),this.blockUsed=64,this.x=new Uint32Array(16);var r=new Uint32Array(16);r[0]=this.sigmaWords[0],r[1]=this.sigmaWords[1],r[2]=this.sigmaWords[2],r[3]=this.sigmaWords[3],r[4]=o(e,0),r[5]=o(e,4),r[6]=o(e,8),r[7]=o(e,12),r[8]=o(e,16),r[9]=o(e,20),r[10]=o(e,24),r[11]=o(e,28),r[12]=0,12===t.length?(r[13]=o(t,0),r[14]=o(t,4),r[15]=o(t,8)):(r[13]=0,r[14]=o(t,0),r[15]=o(t,4)),this.input=r}function n(e,t,r,i,n){e[t]+=e[r],e[n]=s(e[n]^e[t],16),e[i]+=e[n],e[r]=s(e[r]^e[i],12),e[t]+=e[r],e[n]=s(e[n]^e[t],8),e[i]+=e[n],e[r]=s(e[r]^e[i],7)}function o(e,t){return e[t]|e[t+1]<<8|e[t+2]<<16|e[t+3]<<24}function a(e,t,r){e[t]=r,r>>>=8,e[t+1]=r,r>>>=8,e[t+2]=r,r>>>=8,e[t+3]=r}function s(e,t){return e<<t|e>>>32-t}i.prototype.getBytes=function(e){for(var t=new Uint8Array(e),r=0;r<e;r++)64===this.blockUsed&&(this._generateBlock(),this.blockUsed=0),t[r]=this.block[this.blockUsed],this.blockUsed++;return t},i.prototype._generateBlock=function(){var e,t=this.input,r=this.x,i=this.block;for(r.set(t),e=20;e>0;e-=2)n(r,0,4,8,12),n(r,1,5,9,13),n(r,2,6,10,14),n(r,3,7,11,15),n(r,0,5,10,15),n(r,1,6,11,12),n(r,2,7,8,13),n(r,3,4,9,14);for(e=16;e--;)r[e]+=t[e];for(e=16;e--;)a(i,4*e,r[e]);t[12]+=1,t[12]||(t[13]+=1)},i.prototype.encrypt=function(e){for(var t=e.length,r=new Uint8Array(t),i=0,n=this.block;i<t;){this._generateBlock();for(var o=Math.min(t-i,64),a=0;a<o;a++)r[i]=e[i]^n[a],i++}return r},e.exports=i},function(e,t,r){"use strict";var i=r(0),n=r(3),o=16;function a(e,t,r){for(var n=Promise.resolve(i.arrayToBuffer(t)),a=new Uint8Array(o*Math.min(r,1e4));r>0;){var d=Math.min(r,1e4);r-=d;var h=o*d;n=s(e,n,a.length===h?a.buffer:i.arrayToBuffer(a.subarray(0,h)))}return n.then((function(e){return new Uint8Array(e)}))}function s(e,t,r){return t.then((function(t){return e.encrypt(r,t)})).then((function(e){var t=i.arrayToBuffer(new Uint8Array(e).subarray(-32,-16));return i.zeroBuffer(e),t}))}e.exports.encrypt=function(e,t,r){var s=n.createAesCbc();return s.importKey(i.arrayToBuffer(t)).then((function(){for(var t=[],i=0;i<32;i+=o)t.push(a(s,e.subarray(i,i+o),r));return Promise.all(t)})).then((function(e){var t=new Uint8Array(32);return e.forEach((function(e,r){for(var n=r*o,a=0;a<o;++a)t[a+n]=e[a];i.zeroBuffer(e)})),t}))}},function(e,t,r){"use strict";var i=r(9),n=r(2),o=r(1),a=r(0),s=r(4),d=r(10),h=r(3),u=function(e,t,r){var i=this;this.ready=Promise.all([this.setPassword(e),this.setKeyFile(t),this.setChallengeResponse(r)]).then((function(){return i}))};u.prototype.setPassword=function(e){if(null!==e){if(e instanceof i){var t=this;return e.getHash().then((function(e){t.passwordHash=i.fromBinary(e)}))}return Promise.reject(new n(o.ErrorCodes.InvalidArg,"password"))}return this.passwordHash=null,Promise.resolve()},u.prototype.setKeyFile=function(e){if(e&&!(e instanceof ArrayBuffer)&&!(e instanceof Uint8Array))return Promise.reject(new n(o.ErrorCodes.InvalidArg,"keyFile"));if(e){if(32===e.byteLength)return this.keyFileHash=i.fromBinary(a.arrayToBuffer(e)),Promise.resolve();try{var t;if((t=a.bytesToString(a.arrayToBuffer(e))).match(/^[a-f\d]{64}$/i)){var r=a.hexToBytes(t);return void(this.keyFileHash=i.fromBinary(r))}var d=s.parse(t.trim()),u=s.getChildNode(d.documentElement,"Key"),l=s.getChildNode(u,"Data");this.keyFileHash=i.fromBinary(a.base64ToBytes(l.textContent))}catch(t){var c=this;return h.sha256(e).then((function(e){c.keyFileHash=i.fromBinary(e)}))}}else this.keyFileHash=null;return Promise.resolve()},u.prototype.setChallengeResponse=function(e){return this.challengeResponse=e,Promise.resolve()},u.prototype.getHash=function(e){var t=this;return this.ready.then((function(){return t.getChallengeResponse(e).then((function(e){var r=[];t.passwordHash&&r.push(t.passwordHash.getBinary()),t.keyFileHash&&r.push(t.keyFileHash.getBinary()),e&&r.push(new Uint8Array(e));var i=r.reduce((function(e,t){return e+t.byteLength}),0),n=new Uint8Array(i),o=0;return r.forEach((function(e){n.set(e,o),a.zeroBuffer(e),o+=e.length})),h.sha256(a.arrayToBuffer(n)).then((function(e){return a.zeroBuffer(n),e}))}))}))},u.prototype.getChallengeResponse=function(e){var t=this.challengeResponse;return Promise.resolve().then((function(){return t&&e?t(e).then((function(e){return h.sha256(a.arrayToBuffer(e)).then((function(t){return a.zeroBuffer(e),t}))})):null}))},u.createRandomKeyFile=function(){for(var e=d.getBytes(32),t=d.getBytes(32),r=0;r<32;r++)e[r]^=t[r],e[r]^=1e3*Math.random()%255;var i=a.bytesToBase64(e);return u.createKeyFileWithHash(i)},u.createKeyFileWithHash=function(e){var t='<?xml version="1.0" encoding="utf-8"?>\n<KeyFile>\n    <Meta>\n        <Version>1.00</Version>\n    </Meta>\n    <Key>\n       <Data>'+e+"</Data>\n   </Key>\n</KeyFile>";return a.stringToBytes(t)},e.exports=u},function(e,t,r){"use strict";var i=r(6),n=r(4),o=function(){this.creationTime=void 0,this.lastModTime=void 0,this.lastAccessTime=void 0,this.expiryTime=void 0,this.expires=void 0,this.usageCount=void 0,this.locationChanged=new Date,Object.preventExtensions(this)};o.prototype._readNode=function(e){switch(e.tagName){case i.Elem.CreationTime:this.creationTime=n.getDate(e);break;case i.Elem.LastModTime:this.lastModTime=n.getDate(e);break;case i.Elem.LastAccessTime:this.lastAccessTime=n.getDate(e);break;case i.Elem.ExpiryTime:this.expiryTime=n.getDate(e);break;case i.Elem.Expires:this.expires=n.getBoolean(e);break;case i.Elem.UsageCount:this.usageCount=n.getNumber(e);break;case i.Elem.LocationChanged:this.locationChanged=n.getDate(e)}},o.prototype.clone=function(){var e=new o;return e.creationTime=this.creationTime,e.lastModTime=this.lastModTime,e.lastAccessTime=this.lastAccessTime,e.expiryTime=this.expiryTime,e.expires=this.expires,e.usageCount=this.usageCount,e.locationChanged=this.locationChanged,e},o.prototype.update=function(){var e=new Date;this.lastModTime=e,this.lastAccessTime=e},o.prototype.write=function(e,t){var r=n.addChildNode(e,i.Elem.Times);t.setXmlDate(n.addChildNode(r,i.Elem.CreationTime),this.creationTime),t.setXmlDate(n.addChildNode(r,i.Elem.LastModTime),this.lastModTime),t.setXmlDate(n.addChildNode(r,i.Elem.LastAccessTime),this.lastAccessTime),t.setXmlDate(n.addChildNode(r,i.Elem.ExpiryTime),this.expiryTime),n.setBoolean(n.addChildNode(r,i.Elem.Expires),this.expires),n.setNumber(n.addChildNode(r,i.Elem.UsageCount),this.usageCount),t.setXmlDate(n.addChildNode(r,i.Elem.LocationChanged),this.locationChanged)},o.create=function(){var e=new o,t=new Date;return e.creationTime=t,e.lastModTime=t,e.lastAccessTime=t,e.expiryTime=t,e.expires=!1,e.usageCount=0,e.locationChanged=t,e},o.read=function(e){for(var t=new o,r=0,i=e.childNodes,n=i.length;r<n;r++){var a=i[r];a.tagName&&t._readNode(a)}return t},e.exports=o},function(e,t,r){"use strict";var i=r(9),n=r(6),o=r(4),a=r(1),s=r(15),d=r(7),h=r(27),u=/\s*[;,:]\s*/,l=function(){this.uuid=void 0,this.icon=void 0,this.customIcon=void 0,this.fgColor=void 0,this.bgColor=void 0,this.overrideUrl=void 0,this.tags=[],this.times=new h,this.fields={},this.binaries={},this.autoType={enabled:!0,obfuscation:a.AutoTypeObfuscationOptions.None,defaultSequence:void 0,items:[]},this.history=[],this.parentGroup=void 0,this.customData=void 0,this._editState=void 0,Object.preventExtensions(this)};l.prototype._readNode=function(e,t){switch(e.tagName){case n.Elem.Uuid:this.uuid=o.getUuid(e);break;case n.Elem.Icon:this.icon=o.getNumber(e)||a.Icons.Key;break;case n.Elem.CustomIconID:this.customIcon=o.getUuid(e);break;case n.Elem.FgColor:this.fgColor=o.getText(e);break;case n.Elem.BgColor:this.bgColor=o.getText(e);break;case n.Elem.OverrideUrl:this.overrideUrl=o.getText(e);break;case n.Elem.Tags:this.tags=this._stringToTags(o.getText(e));break;case n.Elem.Times:this.times=h.read(e);break;case n.Elem.String:this._readField(e);break;case n.Elem.Binary:this._readBinary(e,t);break;case n.Elem.AutoType:this._readAutoType(e);break;case n.Elem.History:this._readHistory(e,t);break;case n.Elem.CustomData:this._readCustomData(e)}},l.prototype._readField=function(e){var t=o.getChildNode(e,n.Elem.Key),r=o.getChildNode(e,n.Elem.Value),i=o.getText(t),a=o.getProtectedText(r);i&&(this.fields[i]=a)},l.prototype._writeFields=function(e){var t=this.fields;Object.keys(t).forEach((function(r){var i=t[r];if(null!=i){var a=o.addChildNode(e,n.Elem.String);o.setText(o.addChildNode(a,n.Elem.Key),r),o.setProtectedText(o.addChildNode(a,n.Elem.Value),i)}}))},l.prototype._readBinary=function(e,t){var r=o.getChildNode(e,n.Elem.Key),i=o.getChildNode(e,n.Elem.Value),a=o.getText(r),s=o.getProtectedBinary(i);a&&s&&(s.ref&&(s.ref=t.kdbx.binaries.idToHash[s.ref],s.ref?s.value=t.kdbx.binaries[s.ref]:s=null),s&&(this.binaries[a]=s))},l.prototype._writeBinaries=function(e,t){var r=this.binaries;Object.keys(r).forEach((function(i){var a=r[i];if(a){if(a.ref){var s=t.kdbx.binaries.hashOrder.indexOf(a.ref);if(s<0)return;a={ref:s.toString()}}var d=o.addChildNode(e,n.Elem.Binary);o.setText(o.addChildNode(d,n.Elem.Key),i),o.setProtectedBinary(o.addChildNode(d,n.Elem.Value),a)}}))},l.prototype._stringToTags=function(e){return e?e.split(u).filter((function(e){return e})):[]},l.prototype._readAutoType=function(e){for(var t=0,r=e.childNodes,i=r.length;t<i;t++){var s=r[t];switch(s.tagName){case n.Elem.AutoTypeEnabled:this.autoType.enabled=o.getBoolean(s),"boolean"!=typeof this.autoType.enabled&&(this.autoType.enabled=!0);break;case n.Elem.AutoTypeObfuscation:this.autoType.obfuscation=o.getNumber(s)||a.AutoTypeObfuscationOptions.None;break;case n.Elem.AutoTypeDefaultSeq:this.autoType.defaultSequence=o.getText(s);break;case n.Elem.AutoTypeItem:this._readAutoTypeItem(s)}}},l.prototype._readAutoTypeItem=function(e){for(var t={},r=0,i=e.childNodes,a=i.length;r<a;r++){var s=i[r];switch(s.tagName){case n.Elem.Window:t.window=o.getText(s);break;case n.Elem.KeystrokeSequence:t.keystrokeSequence=o.getText(s)}}this.autoType.items.push(t)},l.prototype._writeAutoType=function(e){var t=o.addChildNode(e,n.Elem.AutoType);o.setBoolean(o.addChildNode(t,n.Elem.AutoTypeEnabled),this.autoType.enabled),o.setNumber(o.addChildNode(t,n.Elem.AutoTypeObfuscation),this.autoType.obfuscation||a.AutoTypeObfuscationOptions.None),this.autoType.defaultSequence&&o.setText(o.addChildNode(t,n.Elem.AutoTypeDefaultSeq),this.autoType.defaultSequence);for(var r=0;r<this.autoType.items.length;r++){var i=this.autoType.items[r],s=o.addChildNode(t,n.Elem.AutoTypeItem);o.setText(o.addChildNode(s,n.Elem.Window),i.window),o.setText(o.addChildNode(s,n.Elem.KeystrokeSequence),i.keystrokeSequence)}},l.prototype._readHistory=function(e,t){for(var r=0,i=e.childNodes,o=i.length;r<o;r++){var a=i[r];switch(a.tagName){case n.Elem.Entry:this.history.push(l.read(a,t))}}},l.prototype._writeHistory=function(e,t){for(var r=o.addChildNode(e,n.Elem.History),i=0;i<this.history.length;i++)this.history[i].write(r,t)},l.prototype._readCustomData=function(e){this.customData=s.read(e)},l.prototype._writeCustomData=function(e){s.write(e,this.customData)},l.prototype._setField=function(e,t,r){this.fields[e]=r?i.fromString(t):t},l.prototype._addHistoryTombstone=function(e,t){this._editState||(this._editState={added:[],deleted:[]}),this._editState[e?"added":"deleted"].push(t.getTime())},l.prototype.write=function(e,t){var r=o.addChildNode(e,n.Elem.Entry);o.setUuid(o.addChildNode(r,n.Elem.Uuid),this.uuid),o.setNumber(o.addChildNode(r,n.Elem.Icon),this.icon||a.Icons.Key),this.customIcon&&o.setUuid(o.addChildNode(r,n.Elem.CustomIconID),this.customIcon),o.setText(o.addChildNode(r,n.Elem.FgColor),this.fgColor),o.setText(o.addChildNode(r,n.Elem.BgColor),this.bgColor),o.setText(o.addChildNode(r,n.Elem.OverrideUrl),this.overrideUrl),o.setText(o.addChildNode(r,n.Elem.Tags),this.tags.join(",")),this.times.write(r,t),this._writeFields(r),this._writeBinaries(r,t),this._writeAutoType(r),this._writeCustomData(r),e.tagName!==n.Elem.History&&this._writeHistory(r,t)},l.prototype.pushHistory=function(){var e=new l;e.copyFrom(this),this.history.push(e),this._addHistoryTombstone(!0,e.times.lastModTime)},l.prototype.removeHistory=function(e,t){void 0===t&&(t=1);for(var r=e;r<e+t;r++)r<this.history.length&&this._addHistoryTombstone(!1,this.history[r].times.lastModTime);this.history.splice(e,t)},l.prototype.copyFrom=function(e){this.uuid=e.uuid,this.icon=e.icon,this.customIcon=e.customIcon,this.fgColor=e.fgColor,this.bgColor=e.bgColor,this.overrideUrl=e.overrideUrl,this.tags=e.tags.slice(),this.times=e.times.clone(),this.fields={},Object.keys(e.fields).forEach((function(t){e.fields[t]instanceof i?this.fields[t]=e.fields[t].clone():this.fields[t]=e.fields[t]}),this),this.binaries={},Object.keys(e.binaries).forEach((function(t){e.binaries[t]instanceof i?this.binaries[t]=e.binaries[t].clone():e.binaries[t]&&e.binaries[t].ref?(this.binaries[t]={ref:e.binaries[t].ref},e.binaries[t].value&&(this.binaries[t].value=e.binaries[t].value)):this.binaries[t]=e.binaries[t]}),this),this.autoType=JSON.parse(JSON.stringify(e.autoType))},l.prototype.merge=function(e){var t=e.remote[this.uuid];if(t){var r=t.history.slice();if(this.times.lastModTime<t.times.lastModTime)this.pushHistory(),this.copyFrom(t);else if(this.times.lastModTime>t.times.lastModTime){if(!this.history.some((function(e){return+e.times.lastModTime==+t.times.lastModTime}))){var i=new l;i.copyFrom(t),r.push(i)}}this.history=this._mergeHistory(r,t.times.lastModTime)}},l.prototype._mergeHistory=function(e,t){this.history.sort((function(e,t){return e.times.lastModTime-t.times.lastModTime})),e.sort((function(e,t){return e.times.lastModTime-t.times.lastModTime}));var r={},i={};this.history.forEach((function(e){r[e.times.lastModTime.getTime()]=e})),e.forEach((function(e){i[e.times.lastModTime.getTime()]=e}));for(var n=0,o=0,a=[];n<this.history.length||o<e.length;){var s=this.history[n],d=e[o],h=s&&s.times.lastModTime.getTime(),u=d&&d.times.lastModTime.getTime();if(h!==u)if(!s||h>u){if(!this._editState||this._editState.deleted.indexOf(u)<0){var c=new l;c.copyFrom(d),a.push(c)}o++}else(this._editState&&this._editState.added.indexOf(h)>=0||h>t)&&a.push(s),n++;else a.push(s),n++,o++}return a},l.create=function(e,t){var r=new l(t);return r.uuid=d.random(),r.icon=a.Icons.Key,r.times=h.create(),r.parentGroup=t,r._setField("Title","",e.memoryProtection.title),r._setField("UserName",e.defaultUser||"",e.memoryProtection.userName),r._setField("Password","",e.memoryProtection.password),r._setField("URL","",e.memoryProtection.url),r._setField("Notes","",e.memoryProtection.notes),r.autoType.enabled="boolean"!=typeof t.enableAutoType||t.enableAutoType,r.autoType.obfuscation=a.AutoTypeObfuscationOptions.None,r},l.read=function(e,t,r){for(var i=new l,n=0,o=e.childNodes,a=o.length;n<a;n++){var s=o[n];s.tagName&&i._readNode(s,t)}if(!i.uuid){i.uuid=d.random();for(var h=0;h<i.history.length;h++)i.history[h].uuid=i.uuid}return i.parentGroup=r,i},e.exports=l},function(e,t,r){e.exports.Kdbx=r(30),e.exports.KdbxUuid=r(7),e.exports.KdbxError=r(2),e.exports.Credentials=r(26),e.exports.Consts=r(1),e.exports.ProtectedValue=r(9),e.exports.ByteUtils=r(0),e.exports.VarDictionary=r(14),e.exports.Int64=r(8),e.exports.Random=r(10),e.exports.CryptoEngine=r(3)},function(e,t,r){"use strict";var i=r(31),n=r(2),o=r(26),a=r(22),s=r(49),d=r(50),h=r(51),u=r(28),l=r(52),c=r(7),f=r(1),p=r(6),m=r(4),y=function(){this.header=void 0,this.credentials=void 0,this.meta=void 0,this.xml=void 0,this.binaries=new d,this.groups=[],this.deletedObjects=[],Object.preventExtensions(this)};y.create=function(e,t){if(!(e instanceof o))throw new n(f.ErrorCodes.InvalidArg,"credentials");var r=new y;return r.credentials=e,r.header=a.create(),r.meta=s.create(),r.meta._name=t,r.createDefaultGroup(),r.createRecycleBin(),r.meta._lastSelectedGroup=r.getDefaultGroup().id,r.meta._lastTopVisibleGroup=r.getDefaultGroup().id,r},y.load=function(e,t){if(!(e instanceof ArrayBuffer))return Promise.reject(new n(f.ErrorCodes.InvalidArg,"data"));if(!(t instanceof o))return Promise.reject(new n(f.ErrorCodes.InvalidArg,"credentials"));var r=new y;return r.credentials=t,new i(r).load(e)},y.loadXml=function(e,t){if("string"!=typeof e)return Promise.reject(new n(f.ErrorCodes.InvalidArg,"data"));if(!(t instanceof o))return Promise.reject(new n(f.ErrorCodes.InvalidArg,"credentials"));var r=new y;return r.credentials=t,new i(r).loadXml(e)},y.prototype.save=function(){return new i(this).save()},y.prototype.saveXml=function(e){return new i(this).saveXml(e)},y.prototype.createDefaultGroup=function(){if(!this.groups.length){var e=h.create(this.meta.name);e.icon=f.Icons.FolderOpen,e.expanded=!0,this.groups.push(e)}},y.prototype.createRecycleBin=function(){if(this.meta.recycleBinEnabled=!0,!this.meta.recycleBinUuid||!this.getGroup(this.meta.recycleBinUuid)){var e=this.getDefaultGroup(),t=h.create(f.Defaults.RecycleBinName,e);t.icon=f.Icons.TrashBin,t.enableAutoType=!1,t.enableSearching=!1,this.meta.recycleBinUuid=t.uuid,e.groups.push(t)}},y.prototype.createGroup=function(e,t){var r=h.create(t,e);return e.groups.push(r),r},y.prototype.createEntry=function(e){var t=u.create(this.meta,e);return e.entries.push(t),t},y.prototype.getDefaultGroup=function(){return this.groups[0]},y.prototype.getGroup=function(e,t){for(var r=t?t.groups:this.groups,i=0;i<r.length;i++){if(r[i].uuid.id===e.id)return r[i];var n=this.getGroup(e,r[i]);if(n)return n}},y.prototype.move=function(e,t,r){var i=e instanceof h?"groups":"entries",n=e.parentGroup[i],o=n.indexOf(e);if(!(o<0)){if(n.splice(o,1),t)"number"==typeof r&&r>=0?t[i].splice(r,0,e):t[i].push(e);else{var a=new Date;e instanceof h?e.forEach((function(e,t){this.addDeletedObject((e||t).uuid,a)}),this):this.addDeletedObject(e.uuid,a)}e.parentGroup=t,e.times.locationChanged=new Date}},y.prototype.addDeletedObject=function(e,t){var r=new l;r.uuid=e,r.deletionTime=t,this.deletedObjects.push(r)},y.prototype.remove=function(e){var t=null;this.meta.recycleBinEnabled&&(this.createRecycleBin(),t=this.getGroup(this.meta.recycleBinUuid)),this.move(e,t)},y.prototype.createBinary=function(e){return this.binaries.add(e)},y.prototype.importEntry=function(e,t,r){var i=new u,n=c.random();i.copyFrom(e),i.uuid=n,e.history.forEach((function(e){var t=new u;t.copyFrom(e),t.uuid=n,i.history.push(t)}));var o={},a={};return i.history.concat(i).forEach((function(e){e.customIcon&&(a[e.customIcon]=e.customIcon),Object.values(e.binaries).forEach((function(e){e.ref&&(o[e.ref]=e)}))})),Object.values(o).forEach((function(e){var t=r.binaries[e.ref];t&&!this.binaries[e.ref]&&(this.binaries[e.ref]=t)}),this),Object.values(a).forEach((function(e){var t=r.meta.customIcons[e];t&&(this.meta.customIcons[e]=t)}),this),t.entries.push(i),i.parentGroup=t,i.times.update(),i},y.prototype.cleanup=function(e){var t=new Date,r=e&&e.historyRules&&"number"==typeof this.meta.historyMaxItems&&this.meta.historyMaxItems>=0?this.meta.historyMaxItems:1/0,i={},n={},o=function(e){e&&e.customIcon&&(i[e.customIcon]=!0),e&&e.binaries&&Object.keys(e.binaries).forEach((function(t){e.binaries[t]&&e.binaries[t].ref&&(n[e.binaries[t].ref]=!0)}))};this.getDefaultGroup().forEach((function(e,t){e&&e.history.length>r&&e.removeHistory(0,e.history.length-r),e&&o(e),e&&e.history&&e.history.forEach((function(e){o(e)})),t&&t.customIcon&&(i[t.customIcon]=!0)})),e&&e.customIcons&&Object.keys(this.meta.customIcons).forEach((function(e){if(!i[e]){var r=new c(e);this.addDeletedObject(r,t),delete this.meta.customIcons[e]}}),this),e&&e.binaries&&Object.keys(this.binaries).forEach((function(e){n[e]||delete this.binaries[e]}),this)},y.prototype.merge=function(e){var t=this.getDefaultGroup(),r=e.getDefaultGroup();if(!t||!r)throw new n(f.ErrorCodes.MergeError,"no default group");if(!t.uuid.equals(r.uuid))throw new n(f.ErrorCodes.MergeError,"default group is different");var i=this._getObjectMap();e.deletedObjects.forEach((function(e){i.deleted[e.uuid]||(this.deletedObjects.push(e),i.deleted[e.uuid]=e.deletionTime)}),this),Object.keys(e.binaries).forEach((function(t){this.binaries[t]||i.deleted[t]||(this.binaries[t]=e.binaries[t])}),this),i.remote=e._getObjectMap().objects,this.meta.merge(e.meta,i),t.merge(i),this.cleanup({historyRules:!0,customIcons:!0,binaries:!0})},y.prototype.getLocalEditState=function(){var e={};return this.getDefaultGroup().forEach((function(t){t&&t._editState&&(e[t.uuid]=t._editState)})),this.meta._editState&&(e.meta=this.meta._editState),e},y.prototype.setLocalEditState=function(e){this.getDefaultGroup().forEach((function(t){t&&e[t.uuid]&&(t._editState=e[t.uuid])})),e.meta&&(this.meta._editState=e.meta)},y.prototype.removeLocalEditState=function(){this.getDefaultGroup().forEach((function(e){e&&(e._editState=void 0)})),this.meta._editState=void 0},y.prototype.upgrade=function(){this.setVersion(a.MaxFileVersion)},y.prototype.setVersion=function(e){this.meta.headerHash=null,this.meta.settingsChanged=new Date,this.header.setVersion(e)},y.prototype.setKdf=function(e){this.meta.headerHash=null,this.meta.settingsChanged=new Date,this.header.setKdf(e)},y.prototype._getObjectMap=function(){var e={},t={};return this.getDefaultGroup().forEach((function(t,r){var i=t||r;if(e[i.uuid])throw new n(f.ErrorCodes.MergeError,"Duplicate: "+i.uuid);e[i.uuid]=i})),this.deletedObjects.forEach((function(e){t[e.uuid]=e.deletionTime})),{objects:e,deleted:t}},y.prototype._loadFromXml=function(e){if(this.xml.documentElement.tagName!==p.Elem.DocNode)throw new n(f.ErrorCodes.FileCorrupt,"bad xml root");this._parseMeta(e);var t=this;return this.binaries.hash().then((function(){return t._parseRoot(e),t}))},y.prototype._parseMeta=function(e){var t=m.getChildNode(this.xml.documentElement,p.Elem.Meta,"no meta node");this.meta=s.read(t,e)},y.prototype._parseRoot=function(e){this.groups=[],this.deletedObjects=[];for(var t=0,r=m.getChildNode(this.xml.documentElement,p.Elem.Root,"no root node").childNodes,i=r.length;t<i;t++){var n=r[t];switch(n.tagName){case p.Elem.Group:this._readGroup(n,e);break;case p.Elem.DeletedObjects:this._readDeletedObjects(n)}}},y.prototype._readDeletedObjects=function(e){for(var t=0,r=e.childNodes,i=r.length;t<i;t++){var n=r[t];switch(n.tagName){case p.Elem.DeletedObject:this.deletedObjects.push(l.read(n))}}},y.prototype._readGroup=function(e,t){this.groups.push(h.read(e,t))},y.prototype._buildXml=function(e){var t=m.create(p.Elem.DocNode);this.meta.write(t.documentElement,e);var r=m.addChildNode(t.documentElement,p.Elem.Root);this.groups.forEach((function(t){t.write(r,e)}),this);var i=m.addChildNode(r,p.Elem.DeletedObjects);this.deletedObjects.forEach((function(t){t.write(i,e)}),this),this.xml=t},e.exports=y},function(e,t,r){"use strict";var i=r(16),n=r(2),o=r(22),a=r(43),s=r(3),d=r(11),h=r(0),u=r(4),l=r(8),c=r(1),f=r(45),p=r(46),m=r(47),y=r(25),g=r(48),_=function(e){this.kdbx=e};_.prototype.load=function(e){var t=new d(e),r=this.kdbx,i=this;return i.ctx=new a({kdbx:r}),r.credentials.ready.then((function(){if(r.header=o.read(t,i.ctx),3===r.header.versionMajor)return i._loadV3(t);if(4===r.header.versionMajor)return i._loadV4(t);throw new n(c.ErrorCodes.InvalidVersion,"bad version: "+r.header.versionMajor)}))},_.prototype._loadV3=function(e){var t=this.kdbx,r=this;return r._decryptXmlV3(t,e).then((function(i){return t.xml=u.parse(i),r._setProtectedValues().then((function(){return t._loadFromXml(r.ctx).then((function(){return r._checkHeaderHashV3(e).then((function(){return t}))}))}))}))},_.prototype._loadV4=function(e){var t=this;return t._getHeaderHash(e).then((function(r){var o=e.readBytes(r.byteLength);if(!h.arrayBufferEquals(o,r))throw new n(c.ErrorCodes.FileCorrupt,"header hash mismatch");return t._computeKeysV4().then((function(r){return t._getHeaderHmac(e,r.hmacKey).then((function(o){var a=e.readBytes(o.byteLength);if(!h.arrayBufferEquals(a,o))throw new n(c.ErrorCodes.InvalidKey);return p.decrypt(e.readBytesToEnd(),r.hmacKey).then((function(n){return h.zeroBuffer(r.hmacKey),t._decryptData(n,r.cipherKey).then((function(n){h.zeroBuffer(r.cipherKey),t.kdbx.header.compression===c.CompressionAlgorithm.GZip&&(n=i.ungzip(n)),e=new d(h.arrayToBuffer(n)),t.kdbx.header.readInnerHeader(e,t.ctx),n=e.readBytesToEnd();var o=h.bytesToString(n);return t.kdbx.xml=u.parse(o),t._setProtectedValues().then((function(){return t.kdbx._loadFromXml(t.ctx)}))}))}))}))}))}))},_.prototype.loadXml=function(e){var t=this.kdbx,r=new a({kdbx:t});return t.credentials.ready.then((function(){return t.header=o.create(),t.xml=u.parse(e),u.protectPlainValues(t.xml.documentElement),t._loadFromXml(r)}))},_.prototype.save=function(){var e=this.kdbx,t=this;return t.ctx=new a({kdbx:e}),e.binaries.assignIds(),e.credentials.ready.then((function(){var r=new d;if(e.header.generateSalts(),e.header.write(r),3===e.header.versionMajor)return t._saveV3(r);if(4===e.header.versionMajor)return t._saveV4(r);throw new n(c.ErrorCodes.InvalidVersion,"bad version: "+e.header.versionMajor)}))},_.prototype._saveV3=function(e){var t=this;return t._getHeaderHash(e).then((function(r){return t.kdbx.meta.headerHash=r,t.kdbx._buildXml(t.ctx),t._getProtectSaltGenerator().then((function(r){return u.updateProtectedValuesSalt(t.kdbx.xml.documentElement,r),t._encryptXmlV3().then((function(t){return e.writeBytes(t),e.getWrittenBytes()}))}))}))},_.prototype._saveV4=function(e){var t=this;return t.kdbx._buildXml(t.ctx),t._getHeaderHash(e).then((function(r){return e.writeBytes(r),t._computeKeysV4().then((function(r){return t._getHeaderHmac(e,r.hmacKey).then((function(n){return e.writeBytes(n),t._getProtectSaltGenerator().then((function(n){u.updateProtectedValuesSalt(t.kdbx.xml.documentElement,n);var o=u.serialize(t.kdbx.xml),a=new d;t.kdbx.header.writeInnerHeader(a,t.ctx);var s=a.getWrittenBytes(),l=h.arrayToBuffer(h.stringToBytes(o)),f=new ArrayBuffer(s.byteLength+l.byteLength),m=new Uint8Array(f);return m.set(new Uint8Array(s)),m.set(new Uint8Array(l),s.byteLength),h.zeroBuffer(l),h.zeroBuffer(s),t.kdbx.header.compression===c.CompressionAlgorithm.GZip&&(f=i.gzip(f)),t._encryptData(h.arrayToBuffer(f),r.cipherKey).then((function(t){return h.zeroBuffer(r.cipherKey),p.encrypt(t,r.hmacKey).then((function(t){return h.zeroBuffer(r.hmacKey),e.writeBytes(t),e.getWrittenBytes()}))}))}))}))}))}))},_.prototype.saveXml=function(e){var t=this.kdbx;return t.credentials.ready.then((function(){t.header.generateSalts();var r=new a({kdbx:t,exportXml:!0});t.binaries.assignIds(),t._buildXml(r),u.unprotectValues(t.xml.documentElement);var i=u.serialize(t.xml,e);return u.protectUnprotectedValues(t.xml.documentElement),i}))},_.prototype._decryptXmlV3=function(e,t){var r=t.readBytesToEnd(),n=this;return n._getMasterKeyV3().then((function(e){return n._decryptData(r,e).then((function(t){return h.zeroBuffer(e),t=n._trimStartBytesV3(t),f.decrypt(t).then((function(e){return n.kdbx.header.compression===c.CompressionAlgorithm.GZip&&(e=i.ungzip(e)),h.bytesToString(e)}))}))}))},_.prototype._encryptXmlV3=function(){var e=this.kdbx,t=this,r=u.serialize(e.xml),n=h.arrayToBuffer(h.stringToBytes(r));return e.header.compression===c.CompressionAlgorithm.GZip&&(n=i.gzip(n)),f.encrypt(h.arrayToBuffer(n)).then((function(r){var i=new Uint8Array(e.header.streamStartBytes),n=new Uint8Array(r.byteLength+i.length);return n.set(i),n.set(new Uint8Array(r),i.length),r=n,t._getMasterKeyV3().then((function(e){return t._encryptData(h.arrayToBuffer(r),e).then((function(t){return h.zeroBuffer(e),t}))}))}))},_.prototype._getMasterKeyV3=function(){var e=this.kdbx;return e.credentials.getHash().then((function(t){var r=e.header.transformSeed,i=e.header.keyEncryptionRounds,n=e.header.masterSeed;return e.credentials.getChallengeResponse(n).then((function(e){return y.encrypt(new Uint8Array(t),r,i).then((function(r){return h.zeroBuffer(t),s.sha256(r).then((function(t){h.zeroBuffer(r);var i=e?e.byteLength:0,o=new Uint8Array(n.byteLength+t.byteLength+i);return o.set(new Uint8Array(n),0),e&&o.set(new Uint8Array(e),n.byteLength),o.set(new Uint8Array(t),n.byteLength+i),h.zeroBuffer(t),h.zeroBuffer(n),e&&h.zeroBuffer(e),s.sha256(o.buffer).then((function(e){return h.zeroBuffer(o.buffer),e}))}))}))}))}))},_.prototype._trimStartBytesV3=function(e){var t=this.kdbx.header.streamStartBytes;if(e.byteLength<t.byteLength)throw new n(c.ErrorCodes.FileCorrupt,"short start bytes");if(!h.arrayBufferEquals(e.slice(0,this.kdbx.header.streamStartBytes.byteLength),t))throw new n(c.ErrorCodes.InvalidKey);return e.slice(t.byteLength)},_.prototype._setProtectedValues=function(){var e=this.kdbx;return this._getProtectSaltGenerator().then((function(t){u.setProtectedValues(e.xml.documentElement,t)}))},_.prototype._getProtectSaltGenerator=function(){return m.create(this.kdbx.header.protectedStreamKey,this.kdbx.header.crsAlgorithm)},_.prototype._getHeaderHash=function(e){var t=e.readBytesNoAdvance(0,this.kdbx.header.endPos);return s.sha256(t)},_.prototype._getHeaderHmac=function(e,t){var r=e.readBytesNoAdvance(0,this.kdbx.header.endPos);return p.getHmacKey(t,new l(4294967295,4294967295)).then((function(e){return s.hmacSha256(e,r)}))},_.prototype._checkHeaderHashV3=function(e){if(this.kdbx.meta.headerHash){var t=this.kdbx.meta.headerHash;return this._getHeaderHash(e).then((function(e){if(!h.arrayBufferEquals(t,e))throw new n(c.ErrorCodes.FileCorrupt,"header hash mismatch")}))}return Promise.resolve()},_.prototype._computeKeysV4=function(){var e=this,t=e.kdbx.header.masterSeed;if(!t||32!==t.byteLength)return Promise.reject(new n(c.ErrorCodes.FileCorrupt,"bad master seed"));var r=e.kdbx.header.kdfParameters,i=r.get("S");return e.kdbx.credentials.getHash(i).then((function(e){return g.encrypt(e,r).then((function(r){if(h.zeroBuffer(e),!r||32!==r.byteLength)return Promise.reject(new n(c.ErrorCodes.Unsupported,"bad derived key"));var i=new Uint8Array(65);return i.set(new Uint8Array(t),0),i.set(new Uint8Array(r),t.byteLength),i[64]=1,h.zeroBuffer(r),h.zeroBuffer(t),Promise.all([s.sha256(i.buffer.slice(0,64)),s.sha512(i.buffer)]).then((function(e){return h.zeroBuffer(i),{cipherKey:e[0],hmacKey:e[1]}}))}))}))},_.prototype._decryptData=function(e,t){switch(this.kdbx.header.dataCipherUuid.toString()){case c.CipherId.Aes:return this._transformDataV4Aes(e,t,!1);case c.CipherId.ChaCha20:return this._transformDataV4ChaCha20(e,t);default:return Promise.reject(new n(c.ErrorCodes.Unsupported,"unsupported cipher"))}},_.prototype._encryptData=function(e,t){switch(this.kdbx.header.dataCipherUuid.toString()){case c.CipherId.Aes:return this._transformDataV4Aes(e,t,!0);case c.CipherId.ChaCha20:return this._transformDataV4ChaCha20(e,t);default:return Promise.reject(new n(c.ErrorCodes.Unsupported,"unsupported cipher"))}},_.prototype._transformDataV4Aes=function(e,t,r){var i=this,n=s.createAesCbc();return n.importKey(t).then((function(){return r?n.encrypt(e,i.kdbx.header.encryptionIV):n.decrypt(e,i.kdbx.header.encryptionIV)}))},_.prototype._transformDataV4ChaCha20=function(e,t){return s.chacha20(e,t,this.kdbx.header.encryptionIV)},e.exports=_},function(e,t,r){"use strict";var i=r(33),n=r(5),o=r(19),a=r(12),s=r(20),d=Object.prototype.toString;function h(e){if(!(this instanceof h))return new h(e);this.options=n.assign({level:-1,method:8,chunkSize:16384,windowBits:15,memLevel:8,strategy:0,to:""},e||{});var t=this.options;t.raw&&t.windowBits>0?t.windowBits=-t.windowBits:t.gzip&&t.windowBits>0&&t.windowBits<16&&(t.windowBits+=16),this.err=0,this.msg="",this.ended=!1,this.chunks=[],this.strm=new s,this.strm.avail_out=0;var r=i.deflateInit2(this.strm,t.level,t.method,t.windowBits,t.memLevel,t.strategy);if(0!==r)throw new Error(a[r]);if(t.header&&i.deflateSetHeader(this.strm,t.header),t.dictionary){var u;if(u="string"==typeof t.dictionary?o.string2buf(t.dictionary):"[object ArrayBuffer]"===d.call(t.dictionary)?new Uint8Array(t.dictionary):t.dictionary,0!==(r=i.deflateSetDictionary(this.strm,u)))throw new Error(a[r]);this._dict_set=!0}}function u(e,t){var r=new h(t);if(r.push(e,!0),r.err)throw r.msg;return r.result}h.prototype.push=function(e,t){var r,a,s=this.strm,h=this.options.chunkSize;if(this.ended)return!1;a=t===~~t?t:!0===t?4:0,"string"==typeof e?s.input=o.string2buf(e):"[object ArrayBuffer]"===d.call(e)?s.input=new Uint8Array(e):s.input=e,s.next_in=0,s.avail_in=s.input.length;do{if(0===s.avail_out&&(s.output=new n.Buf8(h),s.next_out=0,s.avail_out=h),1!==(r=i.deflate(s,a))&&0!==r)return this.onEnd(r),this.ended=!0,!1;0!==s.avail_out&&(0!==s.avail_in||4!==a&&2!==a)||("string"===this.options.to?this.onData(o.buf2binstring(n.shrinkBuf(s.output,s.next_out))):this.onData(n.shrinkBuf(s.output,s.next_out)))}while((s.avail_in>0||0===s.avail_out)&&1!==r);return 4===a?(r=i.deflateEnd(this.strm),this.onEnd(r),this.ended=!0,0===r):2!==a||(this.onEnd(0),s.avail_out=0,!0)},h.prototype.onData=function(e){this.chunks.push(e)},h.prototype.onEnd=function(e){0===e&&("string"===this.options.to?this.result=this.chunks.join(""):this.result=n.flattenChunks(this.chunks)),this.chunks=[],this.err=e,this.msg=this.strm.msg},t.Deflate=h,t.deflate=u,t.deflateRaw=function(e,t){return(t=t||{}).raw=!0,u(e,t)},t.gzip=function(e,t){return(t=t||{}).gzip=!0,u(e,t)}},function(e,t,r){"use strict";var i,n=r(5),o=r(34),a=r(17),s=r(18),d=r(12),h=-2,u=258,l=262,c=103,f=113,p=666;function m(e,t){return e.msg=d[t],t}function y(e){return(e<<1)-(e>4?9:0)}function g(e){for(var t=e.length;--t>=0;)e[t]=0}function _(e){var t=e.state,r=t.pending;r>e.avail_out&&(r=e.avail_out),0!==r&&(n.arraySet(e.output,t.pending_buf,t.pending_out,r,e.next_out),e.next_out+=r,t.pending_out+=r,e.total_out+=r,e.avail_out-=r,t.pending-=r,0===t.pending&&(t.pending_out=0))}function b(e,t){o._tr_flush_block(e,e.block_start>=0?e.block_start:-1,e.strstart-e.block_start,t),e.block_start=e.strstart,_(e.strm)}function v(e,t){e.pending_buf[e.pending++]=t}function w(e,t){e.pending_buf[e.pending++]=t>>>8&255,e.pending_buf[e.pending++]=255&t}function k(e,t){var r,i,n=e.max_chain_length,o=e.strstart,a=e.prev_length,s=e.nice_match,d=e.strstart>e.w_size-l?e.strstart-(e.w_size-l):0,h=e.window,c=e.w_mask,f=e.prev,p=e.strstart+u,m=h[o+a-1],y=h[o+a];e.prev_length>=e.good_match&&(n>>=2),s>e.lookahead&&(s=e.lookahead);do{if(h[(r=t)+a]===y&&h[r+a-1]===m&&h[r]===h[o]&&h[++r]===h[o+1]){o+=2,r++;do{}while(h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&h[++o]===h[++r]&&o<p);if(i=u-(p-o),o=p-u,i>a){if(e.match_start=t,a=i,i>=s)break;m=h[o+a-1],y=h[o+a]}}}while((t=f[t&c])>d&&0!=--n);return a<=e.lookahead?a:e.lookahead}function C(e){var t,r,i,o,d,h,u,c,f,p,m=e.w_size;do{if(o=e.window_size-e.lookahead-e.strstart,e.strstart>=m+(m-l)){n.arraySet(e.window,e.window,m,m,0),e.match_start-=m,e.strstart-=m,e.block_start-=m,t=r=e.hash_size;do{i=e.head[--t],e.head[t]=i>=m?i-m:0}while(--r);t=r=m;do{i=e.prev[--t],e.prev[t]=i>=m?i-m:0}while(--r);o+=m}if(0===e.strm.avail_in)break;if(h=e.strm,u=e.window,c=e.strstart+e.lookahead,f=o,p=void 0,(p=h.avail_in)>f&&(p=f),r=0===p?0:(h.avail_in-=p,n.arraySet(u,h.input,h.next_in,p,c),1===h.state.wrap?h.adler=a(h.adler,u,p,c):2===h.state.wrap&&(h.adler=s(h.adler,u,p,c)),h.next_in+=p,h.total_in+=p,p),e.lookahead+=r,e.lookahead+e.insert>=3)for(d=e.strstart-e.insert,e.ins_h=e.window[d],e.ins_h=(e.ins_h<<e.hash_shift^e.window[d+1])&e.hash_mask;e.insert&&(e.ins_h=(e.ins_h<<e.hash_shift^e.window[d+3-1])&e.hash_mask,e.prev[d&e.w_mask]=e.head[e.ins_h],e.head[e.ins_h]=d,d++,e.insert--,!(e.lookahead+e.insert<3)););}while(e.lookahead<l&&0!==e.strm.avail_in)}function x(e,t){for(var r,i;;){if(e.lookahead<l){if(C(e),e.lookahead<l&&0===t)return 1;if(0===e.lookahead)break}if(r=0,e.lookahead>=3&&(e.ins_h=(e.ins_h<<e.hash_shift^e.window[e.strstart+3-1])&e.hash_mask,r=e.prev[e.strstart&e.w_mask]=e.head[e.ins_h],e.head[e.ins_h]=e.strstart),0!==r&&e.strstart-r<=e.w_size-l&&(e.match_length=k(e,r)),e.match_length>=3)if(i=o._tr_tally(e,e.strstart-e.match_start,e.match_length-3),e.lookahead-=e.match_length,e.match_length<=e.max_lazy_match&&e.lookahead>=3){e.match_length--;do{e.strstart++,e.ins_h=(e.ins_h<<e.hash_shift^e.window[e.strstart+3-1])&e.hash_mask,r=e.prev[e.strstart&e.w_mask]=e.head[e.ins_h],e.head[e.ins_h]=e.strstart}while(0!=--e.match_length);e.strstart++}else e.strstart+=e.match_length,e.match_length=0,e.ins_h=e.window[e.strstart],e.ins_h=(e.ins_h<<e.hash_shift^e.window[e.strstart+1])&e.hash_mask;else i=o._tr_tally(e,0,e.window[e.strstart]),e.lookahead--,e.strstart++;if(i&&(b(e,!1),0===e.strm.avail_out))return 1}return e.insert=e.strstart<2?e.strstart:2,4===t?(b(e,!0),0===e.strm.avail_out?3:4):e.last_lit&&(b(e,!1),0===e.strm.avail_out)?1:2}function E(e,t){for(var r,i,n;;){if(e.lookahead<l){if(C(e),e.lookahead<l&&0===t)return 1;if(0===e.lookahead)break}if(r=0,e.lookahead>=3&&(e.ins_h=(e.ins_h<<e.hash_shift^e.window[e.strstart+3-1])&e.hash_mask,r=e.prev[e.strstart&e.w_mask]=e.head[e.ins_h],e.head[e.ins_h]=e.strstart),e.prev_length=e.match_length,e.prev_match=e.match_start,e.match_length=2,0!==r&&e.prev_length<e.max_lazy_match&&e.strstart-r<=e.w_size-l&&(e.match_length=k(e,r),e.match_length<=5&&(1===e.strategy||3===e.match_length&&e.strstart-e.match_start>4096)&&(e.match_length=2)),e.prev_length>=3&&e.match_length<=e.prev_length){n=e.strstart+e.lookahead-3,i=o._tr_tally(e,e.strstart-1-e.prev_match,e.prev_length-3),e.lookahead-=e.prev_length-1,e.prev_length-=2;do{++e.strstart<=n&&(e.ins_h=(e.ins_h<<e.hash_shift^e.window[e.strstart+3-1])&e.hash_mask,r=e.prev[e.strstart&e.w_mask]=e.head[e.ins_h],e.head[e.ins_h]=e.strstart)}while(0!=--e.prev_length);if(e.match_available=0,e.match_length=2,e.strstart++,i&&(b(e,!1),0===e.strm.avail_out))return 1}else if(e.match_available){if((i=o._tr_tally(e,0,e.window[e.strstart-1]))&&b(e,!1),e.strstart++,e.lookahead--,0===e.strm.avail_out)return 1}else e.match_available=1,e.strstart++,e.lookahead--}return e.match_available&&(i=o._tr_tally(e,0,e.window[e.strstart-1]),e.match_available=0),e.insert=e.strstart<2?e.strstart:2,4===t?(b(e,!0),0===e.strm.avail_out?3:4):e.last_lit&&(b(e,!1),0===e.strm.avail_out)?1:2}function B(e,t,r,i,n){this.good_length=e,this.max_lazy=t,this.nice_length=r,this.max_chain=i,this.func=n}function T(){this.strm=null,this.status=0,this.pending_buf=null,this.pending_buf_size=0,this.pending_out=0,this.pending=0,this.wrap=0,this.gzhead=null,this.gzindex=0,this.method=8,this.last_flush=-1,this.w_size=0,this.w_bits=0,this.w_mask=0,this.window=null,this.window_size=0,this.prev=null,this.head=null,this.ins_h=0,this.hash_size=0,this.hash_bits=0,this.hash_mask=0,this.hash_shift=0,this.block_start=0,this.match_length=0,this.prev_match=0,this.match_available=0,this.strstart=0,this.match_start=0,this.lookahead=0,this.prev_length=0,this.max_chain_length=0,this.max_lazy_match=0,this.level=0,this.strategy=0,this.good_match=0,this.nice_match=0,this.dyn_ltree=new n.Buf16(1146),this.dyn_dtree=new n.Buf16(122),this.bl_tree=new n.Buf16(78),g(this.dyn_ltree),g(this.dyn_dtree),g(this.bl_tree),this.l_desc=null,this.d_desc=null,this.bl_desc=null,this.bl_count=new n.Buf16(16),this.heap=new n.Buf16(573),g(this.heap),this.heap_len=0,this.heap_max=0,this.depth=new n.Buf16(573),g(this.depth),this.l_buf=0,this.lit_bufsize=0,this.last_lit=0,this.d_buf=0,this.opt_len=0,this.static_len=0,this.matches=0,this.insert=0,this.bi_buf=0,this.bi_valid=0}function A(e){var t;return e&&e.state?(e.total_in=e.total_out=0,e.data_type=2,(t=e.state).pending=0,t.pending_out=0,t.wrap<0&&(t.wrap=-t.wrap),t.status=t.wrap?42:f,e.adler=2===t.wrap?0:1,t.last_flush=0,o._tr_init(t),0):m(e,h)}function S(e){var t,r=A(e);return 0===r&&((t=e.state).window_size=2*t.w_size,g(t.head),t.max_lazy_match=i[t.level].max_lazy,t.good_match=i[t.level].good_length,t.nice_match=i[t.level].nice_length,t.max_chain_length=i[t.level].max_chain,t.strstart=0,t.block_start=0,t.lookahead=0,t.insert=0,t.match_length=t.prev_length=2,t.match_available=0,t.ins_h=0),r}function U(e,t,r,i,o,a){if(!e)return h;var s=1;if(-1===t&&(t=6),i<0?(s=0,i=-i):i>15&&(s=2,i-=16),o<1||o>9||8!==r||i<8||i>15||t<0||t>9||a<0||a>4)return m(e,h);8===i&&(i=9);var d=new T;return e.state=d,d.strm=e,d.wrap=s,d.gzhead=null,d.w_bits=i,d.w_size=1<<d.w_bits,d.w_mask=d.w_size-1,d.hash_bits=o+7,d.hash_size=1<<d.hash_bits,d.hash_mask=d.hash_size-1,d.hash_shift=~~((d.hash_bits+3-1)/3),d.window=new n.Buf8(2*d.w_size),d.head=new n.Buf16(d.hash_size),d.prev=new n.Buf16(d.w_size),d.lit_bufsize=1<<o+6,d.pending_buf_size=4*d.lit_bufsize,d.pending_buf=new n.Buf8(d.pending_buf_size),d.d_buf=1*d.lit_bufsize,d.l_buf=3*d.lit_bufsize,d.level=t,d.strategy=a,d.method=r,S(e)}i=[new B(0,0,0,0,(function(e,t){var r=65535;for(r>e.pending_buf_size-5&&(r=e.pending_buf_size-5);;){if(e.lookahead<=1){if(C(e),0===e.lookahead&&0===t)return 1;if(0===e.lookahead)break}e.strstart+=e.lookahead,e.lookahead=0;var i=e.block_start+r;if((0===e.strstart||e.strstart>=i)&&(e.lookahead=e.strstart-i,e.strstart=i,b(e,!1),0===e.strm.avail_out))return 1;if(e.strstart-e.block_start>=e.w_size-l&&(b(e,!1),0===e.strm.avail_out))return 1}return e.insert=0,4===t?(b(e,!0),0===e.strm.avail_out?3:4):(e.strstart>e.block_start&&(b(e,!1),e.strm.avail_out),1)})),new B(4,4,8,4,x),new B(4,5,16,8,x),new B(4,6,32,32,x),new B(4,4,16,16,E),new B(8,16,32,32,E),new B(8,16,128,128,E),new B(8,32,128,256,E),new B(32,128,258,1024,E),new B(32,258,258,4096,E)],t.deflateInit=function(e,t){return U(e,t,8,15,8,0)},t.deflateInit2=U,t.deflateReset=S,t.deflateResetKeep=A,t.deflateSetHeader=function(e,t){return e&&e.state?2!==e.state.wrap?h:(e.state.gzhead=t,0):h},t.deflate=function(e,t){var r,n,a,d;if(!e||!e.state||t>5||t<0)return e?m(e,h):h;if(n=e.state,!e.output||!e.input&&0!==e.avail_in||n.status===p&&4!==t)return m(e,0===e.avail_out?-5:h);if(n.strm=e,r=n.last_flush,n.last_flush=t,42===n.status)if(2===n.wrap)e.adler=0,v(n,31),v(n,139),v(n,8),n.gzhead?(v(n,(n.gzhead.text?1:0)+(n.gzhead.hcrc?2:0)+(n.gzhead.extra?4:0)+(n.gzhead.name?8:0)+(n.gzhead.comment?16:0)),v(n,255&n.gzhead.time),v(n,n.gzhead.time>>8&255),v(n,n.gzhead.time>>16&255),v(n,n.gzhead.time>>24&255),v(n,9===n.level?2:n.strategy>=2||n.level<2?4:0),v(n,255&n.gzhead.os),n.gzhead.extra&&n.gzhead.extra.length&&(v(n,255&n.gzhead.extra.length),v(n,n.gzhead.extra.length>>8&255)),n.gzhead.hcrc&&(e.adler=s(e.adler,n.pending_buf,n.pending,0)),n.gzindex=0,n.status=69):(v(n,0),v(n,0),v(n,0),v(n,0),v(n,0),v(n,9===n.level?2:n.strategy>=2||n.level<2?4:0),v(n,3),n.status=f);else{var l=8+(n.w_bits-8<<4)<<8;l|=(n.strategy>=2||n.level<2?0:n.level<6?1:6===n.level?2:3)<<6,0!==n.strstart&&(l|=32),l+=31-l%31,n.status=f,w(n,l),0!==n.strstart&&(w(n,e.adler>>>16),w(n,65535&e.adler)),e.adler=1}if(69===n.status)if(n.gzhead.extra){for(a=n.pending;n.gzindex<(65535&n.gzhead.extra.length)&&(n.pending!==n.pending_buf_size||(n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),_(e),a=n.pending,n.pending!==n.pending_buf_size));)v(n,255&n.gzhead.extra[n.gzindex]),n.gzindex++;n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),n.gzindex===n.gzhead.extra.length&&(n.gzindex=0,n.status=73)}else n.status=73;if(73===n.status)if(n.gzhead.name){a=n.pending;do{if(n.pending===n.pending_buf_size&&(n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),_(e),a=n.pending,n.pending===n.pending_buf_size)){d=1;break}d=n.gzindex<n.gzhead.name.length?255&n.gzhead.name.charCodeAt(n.gzindex++):0,v(n,d)}while(0!==d);n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),0===d&&(n.gzindex=0,n.status=91)}else n.status=91;if(91===n.status)if(n.gzhead.comment){a=n.pending;do{if(n.pending===n.pending_buf_size&&(n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),_(e),a=n.pending,n.pending===n.pending_buf_size)){d=1;break}d=n.gzindex<n.gzhead.comment.length?255&n.gzhead.comment.charCodeAt(n.gzindex++):0,v(n,d)}while(0!==d);n.gzhead.hcrc&&n.pending>a&&(e.adler=s(e.adler,n.pending_buf,n.pending-a,a)),0===d&&(n.status=c)}else n.status=c;if(n.status===c&&(n.gzhead.hcrc?(n.pending+2>n.pending_buf_size&&_(e),n.pending+2<=n.pending_buf_size&&(v(n,255&e.adler),v(n,e.adler>>8&255),e.adler=0,n.status=f)):n.status=f),0!==n.pending){if(_(e),0===e.avail_out)return n.last_flush=-1,0}else if(0===e.avail_in&&y(t)<=y(r)&&4!==t)return m(e,-5);if(n.status===p&&0!==e.avail_in)return m(e,-5);if(0!==e.avail_in||0!==n.lookahead||0!==t&&n.status!==p){var k=2===n.strategy?function(e,t){for(var r;;){if(0===e.lookahead&&(C(e),0===e.lookahead)){if(0===t)return 1;break}if(e.match_length=0,r=o._tr_tally(e,0,e.window[e.strstart]),e.lookahead--,e.strstart++,r&&(b(e,!1),0===e.strm.avail_out))return 1}return e.insert=0,4===t?(b(e,!0),0===e.strm.avail_out?3:4):e.last_lit&&(b(e,!1),0===e.strm.avail_out)?1:2}(n,t):3===n.strategy?function(e,t){for(var r,i,n,a,s=e.window;;){if(e.lookahead<=u){if(C(e),e.lookahead<=u&&0===t)return 1;if(0===e.lookahead)break}if(e.match_length=0,e.lookahead>=3&&e.strstart>0&&(i=s[n=e.strstart-1])===s[++n]&&i===s[++n]&&i===s[++n]){a=e.strstart+u;do{}while(i===s[++n]&&i===s[++n]&&i===s[++n]&&i===s[++n]&&i===s[++n]&&i===s[++n]&&i===s[++n]&&i===s[++n]&&n<a);e.match_length=u-(a-n),e.match_length>e.lookahead&&(e.match_length=e.lookahead)}if(e.match_length>=3?(r=o._tr_tally(e,1,e.match_length-3),e.lookahead-=e.match_length,e.strstart+=e.match_length,e.match_length=0):(r=o._tr_tally(e,0,e.window[e.strstart]),e.lookahead--,e.strstart++),r&&(b(e,!1),0===e.strm.avail_out))return 1}return e.insert=0,4===t?(b(e,!0),0===e.strm.avail_out?3:4):e.last_lit&&(b(e,!1),0===e.strm.avail_out)?1:2}(n,t):i[n.level].func(n,t);if(3!==k&&4!==k||(n.status=p),1===k||3===k)return 0===e.avail_out&&(n.last_flush=-1),0;if(2===k&&(1===t?o._tr_align(n):5!==t&&(o._tr_stored_block(n,0,0,!1),3===t&&(g(n.head),0===n.lookahead&&(n.strstart=0,n.block_start=0,n.insert=0))),_(e),0===e.avail_out))return n.last_flush=-1,0}return 4!==t?0:n.wrap<=0?1:(2===n.wrap?(v(n,255&e.adler),v(n,e.adler>>8&255),v(n,e.adler>>16&255),v(n,e.adler>>24&255),v(n,255&e.total_in),v(n,e.total_in>>8&255),v(n,e.total_in>>16&255),v(n,e.total_in>>24&255)):(w(n,e.adler>>>16),w(n,65535&e.adler)),_(e),n.wrap>0&&(n.wrap=-n.wrap),0!==n.pending?0:1)},t.deflateEnd=function(e){var t;return e&&e.state?42!==(t=e.state.status)&&69!==t&&73!==t&&91!==t&&t!==c&&t!==f&&t!==p?m(e,h):(e.state=null,t===f?m(e,-3):0):h},t.deflateSetDictionary=function(e,t){var r,i,o,s,d,u,l,c,f=t.length;if(!e||!e.state)return h;if(2===(s=(r=e.state).wrap)||1===s&&42!==r.status||r.lookahead)return h;for(1===s&&(e.adler=a(e.adler,t,f,0)),r.wrap=0,f>=r.w_size&&(0===s&&(g(r.head),r.strstart=0,r.block_start=0,r.insert=0),c=new n.Buf8(r.w_size),n.arraySet(c,t,f-r.w_size,r.w_size,0),t=c,f=r.w_size),d=e.avail_in,u=e.next_in,l=e.input,e.avail_in=f,e.next_in=0,e.input=t,C(r);r.lookahead>=3;){i=r.strstart,o=r.lookahead-2;do{r.ins_h=(r.ins_h<<r.hash_shift^r.window[i+3-1])&r.hash_mask,r.prev[i&r.w_mask]=r.head[r.ins_h],r.head[r.ins_h]=i,i++}while(--o);r.strstart=i,r.lookahead=2,C(r)}return r.strstart+=r.lookahead,r.block_start=r.strstart,r.insert=r.lookahead,r.lookahead=0,r.match_length=r.prev_length=2,r.match_available=0,e.next_in=u,e.input=l,e.avail_in=d,r.wrap=s,0},t.deflateInfo="pako deflate (from Nodeca project)"},function(e,t,r){"use strict";var i=r(5);function n(e){for(var t=e.length;--t>=0;)e[t]=0}var o=256,a=286,s=30,d=15,h=[0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0],u=[0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13],l=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7],c=[16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15],f=new Array(576);n(f);var p=new Array(60);n(p);var m=new Array(512);n(m);var y=new Array(256);n(y);var g=new Array(29);n(g);var _,b,v,w=new Array(s);function k(e,t,r,i,n){this.static_tree=e,this.extra_bits=t,this.extra_base=r,this.elems=i,this.max_length=n,this.has_stree=e&&e.length}function C(e,t){this.dyn_tree=e,this.max_code=0,this.stat_desc=t}function x(e){return e<256?m[e]:m[256+(e>>>7)]}function E(e,t){e.pending_buf[e.pending++]=255&t,e.pending_buf[e.pending++]=t>>>8&255}function B(e,t,r){e.bi_valid>16-r?(e.bi_buf|=t<<e.bi_valid&65535,E(e,e.bi_buf),e.bi_buf=t>>16-e.bi_valid,e.bi_valid+=r-16):(e.bi_buf|=t<<e.bi_valid&65535,e.bi_valid+=r)}function T(e,t,r){B(e,r[2*t],r[2*t+1])}function A(e,t){var r=0;do{r|=1&e,e>>>=1,r<<=1}while(--t>0);return r>>>1}function S(e,t,r){var i,n,o=new Array(16),a=0;for(i=1;i<=d;i++)o[i]=a=a+r[i-1]<<1;for(n=0;n<=t;n++){var s=e[2*n+1];0!==s&&(e[2*n]=A(o[s]++,s))}}function U(e){var t;for(t=0;t<a;t++)e.dyn_ltree[2*t]=0;for(t=0;t<s;t++)e.dyn_dtree[2*t]=0;for(t=0;t<19;t++)e.bl_tree[2*t]=0;e.dyn_ltree[512]=1,e.opt_len=e.static_len=0,e.last_lit=e.matches=0}function D(e){e.bi_valid>8?E(e,e.bi_buf):e.bi_valid>0&&(e.pending_buf[e.pending++]=e.bi_buf),e.bi_buf=0,e.bi_valid=0}function I(e,t,r,i){var n=2*t,o=2*r;return e[n]<e[o]||e[n]===e[o]&&i[t]<=i[r]}function N(e,t,r){for(var i=e.heap[r],n=r<<1;n<=e.heap_len&&(n<e.heap_len&&I(t,e.heap[n+1],e.heap[n],e.depth)&&n++,!I(t,i,e.heap[n],e.depth));)e.heap[r]=e.heap[n],r=n,n<<=1;e.heap[r]=i}function P(e,t,r){var i,n,a,s,d=0;if(0!==e.last_lit)do{i=e.pending_buf[e.d_buf+2*d]<<8|e.pending_buf[e.d_buf+2*d+1],n=e.pending_buf[e.l_buf+d],d++,0===i?T(e,n,t):(T(e,(a=y[n])+o+1,t),0!==(s=h[a])&&B(e,n-=g[a],s),T(e,a=x(--i),r),0!==(s=u[a])&&B(e,i-=w[a],s))}while(d<e.last_lit);T(e,256,t)}function M(e,t){var r,i,n,o=t.dyn_tree,a=t.stat_desc.static_tree,s=t.stat_desc.has_stree,h=t.stat_desc.elems,u=-1;for(e.heap_len=0,e.heap_max=573,r=0;r<h;r++)0!==o[2*r]?(e.heap[++e.heap_len]=u=r,e.depth[r]=0):o[2*r+1]=0;for(;e.heap_len<2;)o[2*(n=e.heap[++e.heap_len]=u<2?++u:0)]=1,e.depth[n]=0,e.opt_len--,s&&(e.static_len-=a[2*n+1]);for(t.max_code=u,r=e.heap_len>>1;r>=1;r--)N(e,o,r);n=h;do{r=e.heap[1],e.heap[1]=e.heap[e.heap_len--],N(e,o,1),i=e.heap[1],e.heap[--e.heap_max]=r,e.heap[--e.heap_max]=i,o[2*n]=o[2*r]+o[2*i],e.depth[n]=(e.depth[r]>=e.depth[i]?e.depth[r]:e.depth[i])+1,o[2*r+1]=o[2*i+1]=n,e.heap[1]=n++,N(e,o,1)}while(e.heap_len>=2);e.heap[--e.heap_max]=e.heap[1],function(e,t){var r,i,n,o,a,s,h=t.dyn_tree,u=t.max_code,l=t.stat_desc.static_tree,c=t.stat_desc.has_stree,f=t.stat_desc.extra_bits,p=t.stat_desc.extra_base,m=t.stat_desc.max_length,y=0;for(o=0;o<=d;o++)e.bl_count[o]=0;for(h[2*e.heap[e.heap_max]+1]=0,r=e.heap_max+1;r<573;r++)(o=h[2*h[2*(i=e.heap[r])+1]+1]+1)>m&&(o=m,y++),h[2*i+1]=o,i>u||(e.bl_count[o]++,a=0,i>=p&&(a=f[i-p]),s=h[2*i],e.opt_len+=s*(o+a),c&&(e.static_len+=s*(l[2*i+1]+a)));if(0!==y){do{for(o=m-1;0===e.bl_count[o];)o--;e.bl_count[o]--,e.bl_count[o+1]+=2,e.bl_count[m]--,y-=2}while(y>0);for(o=m;0!==o;o--)for(i=e.bl_count[o];0!==i;)(n=e.heap[--r])>u||(h[2*n+1]!==o&&(e.opt_len+=(o-h[2*n+1])*h[2*n],h[2*n+1]=o),i--)}}(e,t),S(o,u,e.bl_count)}function F(e,t,r){var i,n,o=-1,a=t[1],s=0,d=7,h=4;for(0===a&&(d=138,h=3),t[2*(r+1)+1]=65535,i=0;i<=r;i++)n=a,a=t[2*(i+1)+1],++s<d&&n===a||(s<h?e.bl_tree[2*n]+=s:0!==n?(n!==o&&e.bl_tree[2*n]++,e.bl_tree[32]++):s<=10?e.bl_tree[34]++:e.bl_tree[36]++,s=0,o=n,0===a?(d=138,h=3):n===a?(d=6,h=3):(d=7,h=4))}function z(e,t,r){var i,n,o=-1,a=t[1],s=0,d=7,h=4;for(0===a&&(d=138,h=3),i=0;i<=r;i++)if(n=a,a=t[2*(i+1)+1],!(++s<d&&n===a)){if(s<h)do{T(e,n,e.bl_tree)}while(0!=--s);else 0!==n?(n!==o&&(T(e,n,e.bl_tree),s--),T(e,16,e.bl_tree),B(e,s-3,2)):s<=10?(T(e,17,e.bl_tree),B(e,s-3,3)):(T(e,18,e.bl_tree),B(e,s-11,7));s=0,o=n,0===a?(d=138,h=3):n===a?(d=6,h=3):(d=7,h=4)}}n(w);var O=!1;function V(e,t,r,n){B(e,0+(n?1:0),3),function(e,t,r,n){D(e),n&&(E(e,r),E(e,~r)),i.arraySet(e.pending_buf,e.window,t,r,e.pending),e.pending+=r}(e,t,r,!0)}t._tr_init=function(e){O||(!function(){var e,t,r,i,n,o=new Array(16);for(r=0,i=0;i<28;i++)for(g[i]=r,e=0;e<1<<h[i];e++)y[r++]=i;for(y[r-1]=i,n=0,i=0;i<16;i++)for(w[i]=n,e=0;e<1<<u[i];e++)m[n++]=i;for(n>>=7;i<s;i++)for(w[i]=n<<7,e=0;e<1<<u[i]-7;e++)m[256+n++]=i;for(t=0;t<=d;t++)o[t]=0;for(e=0;e<=143;)f[2*e+1]=8,e++,o[8]++;for(;e<=255;)f[2*e+1]=9,e++,o[9]++;for(;e<=279;)f[2*e+1]=7,e++,o[7]++;for(;e<=287;)f[2*e+1]=8,e++,o[8]++;for(S(f,287,o),e=0;e<s;e++)p[2*e+1]=5,p[2*e]=A(e,5);_=new k(f,h,257,a,d),b=new k(p,u,0,s,d),v=new k(new Array(0),l,0,19,7)}(),O=!0),e.l_desc=new C(e.dyn_ltree,_),e.d_desc=new C(e.dyn_dtree,b),e.bl_desc=new C(e.bl_tree,v),e.bi_buf=0,e.bi_valid=0,U(e)},t._tr_stored_block=V,t._tr_flush_block=function(e,t,r,i){var n,a,s=0;e.level>0?(2===e.strm.data_type&&(e.strm.data_type=function(e){var t,r=4093624447;for(t=0;t<=31;t++,r>>>=1)if(1&r&&0!==e.dyn_ltree[2*t])return 0;if(0!==e.dyn_ltree[18]||0!==e.dyn_ltree[20]||0!==e.dyn_ltree[26])return 1;for(t=32;t<o;t++)if(0!==e.dyn_ltree[2*t])return 1;return 0}(e)),M(e,e.l_desc),M(e,e.d_desc),s=function(e){var t;for(F(e,e.dyn_ltree,e.l_desc.max_code),F(e,e.dyn_dtree,e.d_desc.max_code),M(e,e.bl_desc),t=18;t>=3&&0===e.bl_tree[2*c[t]+1];t--);return e.opt_len+=3*(t+1)+5+5+4,t}(e),n=e.opt_len+3+7>>>3,(a=e.static_len+3+7>>>3)<=n&&(n=a)):n=a=r+5,r+4<=n&&-1!==t?V(e,t,r,i):4===e.strategy||a===n?(B(e,2+(i?1:0),3),P(e,f,p)):(B(e,4+(i?1:0),3),function(e,t,r,i){var n;for(B(e,t-257,5),B(e,r-1,5),B(e,i-4,4),n=0;n<i;n++)B(e,e.bl_tree[2*c[n]+1],3);z(e,e.dyn_ltree,t-1),z(e,e.dyn_dtree,r-1)}(e,e.l_desc.max_code+1,e.d_desc.max_code+1,s+1),P(e,e.dyn_ltree,e.dyn_dtree)),U(e),i&&D(e)},t._tr_tally=function(e,t,r){return e.pending_buf[e.d_buf+2*e.last_lit]=t>>>8&255,e.pending_buf[e.d_buf+2*e.last_lit+1]=255&t,e.pending_buf[e.l_buf+e.last_lit]=255&r,e.last_lit++,0===t?e.dyn_ltree[2*r]++:(e.matches++,t--,e.dyn_ltree[2*(y[r]+o+1)]++,e.dyn_dtree[2*x(t)]++),e.last_lit===e.lit_bufsize-1},t._tr_align=function(e){B(e,2,3),T(e,256,f),function(e){16===e.bi_valid?(E(e,e.bi_buf),e.bi_buf=0,e.bi_valid=0):e.bi_valid>=8&&(e.pending_buf[e.pending++]=255&e.bi_buf,e.bi_buf>>=8,e.bi_valid-=8)}(e)}},function(e,t,r){"use strict";var i=r(36),n=r(5),o=r(19),a=r(21),s=r(12),d=r(20),h=r(39),u=Object.prototype.toString;function l(e){if(!(this instanceof l))return new l(e);this.options=n.assign({chunkSize:16384,windowBits:0,to:""},e||{});var t=this.options;t.raw&&t.windowBits>=0&&t.windowBits<16&&(t.windowBits=-t.windowBits,0===t.windowBits&&(t.windowBits=-15)),!(t.windowBits>=0&&t.windowBits<16)||e&&e.windowBits||(t.windowBits+=32),t.windowBits>15&&t.windowBits<48&&0==(15&t.windowBits)&&(t.windowBits|=15),this.err=0,this.msg="",this.ended=!1,this.chunks=[],this.strm=new d,this.strm.avail_out=0;var r=i.inflateInit2(this.strm,t.windowBits);if(r!==a.Z_OK)throw new Error(s[r]);this.header=new h,i.inflateGetHeader(this.strm,this.header)}function c(e,t){var r=new l(t);if(r.push(e,!0),r.err)throw r.msg;return r.result}l.prototype.push=function(e,t){var r,s,d,h,l,c,f=this.strm,p=this.options.chunkSize,m=this.options.dictionary,y=!1;if(this.ended)return!1;s=t===~~t?t:!0===t?a.Z_FINISH:a.Z_NO_FLUSH,"string"==typeof e?f.input=o.binstring2buf(e):"[object ArrayBuffer]"===u.call(e)?f.input=new Uint8Array(e):f.input=e,f.next_in=0,f.avail_in=f.input.length;do{if(0===f.avail_out&&(f.output=new n.Buf8(p),f.next_out=0,f.avail_out=p),(r=i.inflate(f,a.Z_NO_FLUSH))===a.Z_NEED_DICT&&m&&(c="string"==typeof m?o.string2buf(m):"[object ArrayBuffer]"===u.call(m)?new Uint8Array(m):m,r=i.inflateSetDictionary(this.strm,c)),r===a.Z_BUF_ERROR&&!0===y&&(r=a.Z_OK,y=!1),r!==a.Z_STREAM_END&&r!==a.Z_OK)return this.onEnd(r),this.ended=!0,!1;f.next_out&&(0!==f.avail_out&&r!==a.Z_STREAM_END&&(0!==f.avail_in||s!==a.Z_FINISH&&s!==a.Z_SYNC_FLUSH)||("string"===this.options.to?(d=o.utf8border(f.output,f.next_out),h=f.next_out-d,l=o.buf2string(f.output,d),f.next_out=h,f.avail_out=p-h,h&&n.arraySet(f.output,f.output,d,h,0),this.onData(l)):this.onData(n.shrinkBuf(f.output,f.next_out)))),0===f.avail_in&&0===f.avail_out&&(y=!0)}while((f.avail_in>0||0===f.avail_out)&&r!==a.Z_STREAM_END);return r===a.Z_STREAM_END&&(s=a.Z_FINISH),s===a.Z_FINISH?(r=i.inflateEnd(this.strm),this.onEnd(r),this.ended=!0,r===a.Z_OK):s!==a.Z_SYNC_FLUSH||(this.onEnd(a.Z_OK),f.avail_out=0,!0)},l.prototype.onData=function(e){this.chunks.push(e)},l.prototype.onEnd=function(e){e===a.Z_OK&&("string"===this.options.to?this.result=this.chunks.join(""):this.result=n.flattenChunks(this.chunks)),this.chunks=[],this.err=e,this.msg=this.strm.msg},t.Inflate=l,t.inflate=c,t.inflateRaw=function(e,t){return(t=t||{}).raw=!0,c(e,t)},t.ungzip=c},function(e,t,r){"use strict";var i=r(5),n=r(17),o=r(18),a=r(37),s=r(38),d=-2,h=12,u=30;function l(e){return(e>>>24&255)+(e>>>8&65280)+((65280&e)<<8)+((255&e)<<24)}function c(){this.mode=0,this.last=!1,this.wrap=0,this.havedict=!1,this.flags=0,this.dmax=0,this.check=0,this.total=0,this.head=null,this.wbits=0,this.wsize=0,this.whave=0,this.wnext=0,this.window=null,this.hold=0,this.bits=0,this.length=0,this.offset=0,this.extra=0,this.lencode=null,this.distcode=null,this.lenbits=0,this.distbits=0,this.ncode=0,this.nlen=0,this.ndist=0,this.have=0,this.next=null,this.lens=new i.Buf16(320),this.work=new i.Buf16(288),this.lendyn=null,this.distdyn=null,this.sane=0,this.back=0,this.was=0}function f(e){var t;return e&&e.state?(t=e.state,e.total_in=e.total_out=t.total=0,e.msg="",t.wrap&&(e.adler=1&t.wrap),t.mode=1,t.last=0,t.havedict=0,t.dmax=32768,t.head=null,t.hold=0,t.bits=0,t.lencode=t.lendyn=new i.Buf32(852),t.distcode=t.distdyn=new i.Buf32(592),t.sane=1,t.back=-1,0):d}function p(e){var t;return e&&e.state?((t=e.state).wsize=0,t.whave=0,t.wnext=0,f(e)):d}function m(e,t){var r,i;return e&&e.state?(i=e.state,t<0?(r=0,t=-t):(r=1+(t>>4),t<48&&(t&=15)),t&&(t<8||t>15)?d:(null!==i.window&&i.wbits!==t&&(i.window=null),i.wrap=r,i.wbits=t,p(e))):d}function y(e,t){var r,i;return e?(i=new c,e.state=i,i.window=null,0!==(r=m(e,t))&&(e.state=null),r):d}var g,_,b=!0;function v(e){if(b){var t;for(g=new i.Buf32(512),_=new i.Buf32(32),t=0;t<144;)e.lens[t++]=8;for(;t<256;)e.lens[t++]=9;for(;t<280;)e.lens[t++]=7;for(;t<288;)e.lens[t++]=8;for(s(1,e.lens,0,288,g,0,e.work,{bits:9}),t=0;t<32;)e.lens[t++]=5;s(2,e.lens,0,32,_,0,e.work,{bits:5}),b=!1}e.lencode=g,e.lenbits=9,e.distcode=_,e.distbits=5}function w(e,t,r,n){var o,a=e.state;return null===a.window&&(a.wsize=1<<a.wbits,a.wnext=0,a.whave=0,a.window=new i.Buf8(a.wsize)),n>=a.wsize?(i.arraySet(a.window,t,r-a.wsize,a.wsize,0),a.wnext=0,a.whave=a.wsize):((o=a.wsize-a.wnext)>n&&(o=n),i.arraySet(a.window,t,r-n,o,a.wnext),(n-=o)?(i.arraySet(a.window,t,r-n,n,0),a.wnext=n,a.whave=a.wsize):(a.wnext+=o,a.wnext===a.wsize&&(a.wnext=0),a.whave<a.wsize&&(a.whave+=o))),0}t.inflateReset=p,t.inflateReset2=m,t.inflateResetKeep=f,t.inflateInit=function(e){return y(e,15)},t.inflateInit2=y,t.inflate=function(e,t){var r,c,f,p,m,y,g,_,b,k,C,x,E,B,T,A,S,U,D,I,N,P,M,F,z=0,O=new i.Buf8(4),V=[16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15];if(!e||!e.state||!e.output||!e.input&&0!==e.avail_in)return d;(r=e.state).mode===h&&(r.mode=13),m=e.next_out,f=e.output,g=e.avail_out,p=e.next_in,c=e.input,y=e.avail_in,_=r.hold,b=r.bits,k=y,C=g,P=0;e:for(;;)switch(r.mode){case 1:if(0===r.wrap){r.mode=13;break}for(;b<16;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(2&r.wrap&&35615===_){r.check=0,O[0]=255&_,O[1]=_>>>8&255,r.check=o(r.check,O,2,0),_=0,b=0,r.mode=2;break}if(r.flags=0,r.head&&(r.head.done=!1),!(1&r.wrap)||(((255&_)<<8)+(_>>8))%31){e.msg="incorrect header check",r.mode=u;break}if(8!=(15&_)){e.msg="unknown compression method",r.mode=u;break}if(b-=4,N=8+(15&(_>>>=4)),0===r.wbits)r.wbits=N;else if(N>r.wbits){e.msg="invalid window size",r.mode=u;break}r.dmax=1<<N,e.adler=r.check=1,r.mode=512&_?10:h,_=0,b=0;break;case 2:for(;b<16;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(r.flags=_,8!=(255&r.flags)){e.msg="unknown compression method",r.mode=u;break}if(57344&r.flags){e.msg="unknown header flags set",r.mode=u;break}r.head&&(r.head.text=_>>8&1),512&r.flags&&(O[0]=255&_,O[1]=_>>>8&255,r.check=o(r.check,O,2,0)),_=0,b=0,r.mode=3;case 3:for(;b<32;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.head&&(r.head.time=_),512&r.flags&&(O[0]=255&_,O[1]=_>>>8&255,O[2]=_>>>16&255,O[3]=_>>>24&255,r.check=o(r.check,O,4,0)),_=0,b=0,r.mode=4;case 4:for(;b<16;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.head&&(r.head.xflags=255&_,r.head.os=_>>8),512&r.flags&&(O[0]=255&_,O[1]=_>>>8&255,r.check=o(r.check,O,2,0)),_=0,b=0,r.mode=5;case 5:if(1024&r.flags){for(;b<16;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.length=_,r.head&&(r.head.extra_len=_),512&r.flags&&(O[0]=255&_,O[1]=_>>>8&255,r.check=o(r.check,O,2,0)),_=0,b=0}else r.head&&(r.head.extra=null);r.mode=6;case 6:if(1024&r.flags&&((x=r.length)>y&&(x=y),x&&(r.head&&(N=r.head.extra_len-r.length,r.head.extra||(r.head.extra=new Array(r.head.extra_len)),i.arraySet(r.head.extra,c,p,x,N)),512&r.flags&&(r.check=o(r.check,c,x,p)),y-=x,p+=x,r.length-=x),r.length))break e;r.length=0,r.mode=7;case 7:if(2048&r.flags){if(0===y)break e;x=0;do{N=c[p+x++],r.head&&N&&r.length<65536&&(r.head.name+=String.fromCharCode(N))}while(N&&x<y);if(512&r.flags&&(r.check=o(r.check,c,x,p)),y-=x,p+=x,N)break e}else r.head&&(r.head.name=null);r.length=0,r.mode=8;case 8:if(4096&r.flags){if(0===y)break e;x=0;do{N=c[p+x++],r.head&&N&&r.length<65536&&(r.head.comment+=String.fromCharCode(N))}while(N&&x<y);if(512&r.flags&&(r.check=o(r.check,c,x,p)),y-=x,p+=x,N)break e}else r.head&&(r.head.comment=null);r.mode=9;case 9:if(512&r.flags){for(;b<16;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(_!==(65535&r.check)){e.msg="header crc mismatch",r.mode=u;break}_=0,b=0}r.head&&(r.head.hcrc=r.flags>>9&1,r.head.done=!0),e.adler=r.check=0,r.mode=h;break;case 10:for(;b<32;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}e.adler=r.check=l(_),_=0,b=0,r.mode=11;case 11:if(0===r.havedict)return e.next_out=m,e.avail_out=g,e.next_in=p,e.avail_in=y,r.hold=_,r.bits=b,2;e.adler=r.check=1,r.mode=h;case h:if(5===t||6===t)break e;case 13:if(r.last){_>>>=7&b,b-=7&b,r.mode=27;break}for(;b<3;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}switch(r.last=1&_,b-=1,3&(_>>>=1)){case 0:r.mode=14;break;case 1:if(v(r),r.mode=20,6===t){_>>>=2,b-=2;break e}break;case 2:r.mode=17;break;case 3:e.msg="invalid block type",r.mode=u}_>>>=2,b-=2;break;case 14:for(_>>>=7&b,b-=7&b;b<32;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if((65535&_)!=(_>>>16^65535)){e.msg="invalid stored block lengths",r.mode=u;break}if(r.length=65535&_,_=0,b=0,r.mode=15,6===t)break e;case 15:r.mode=16;case 16:if(x=r.length){if(x>y&&(x=y),x>g&&(x=g),0===x)break e;i.arraySet(f,c,p,x,m),y-=x,p+=x,g-=x,m+=x,r.length-=x;break}r.mode=h;break;case 17:for(;b<14;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(r.nlen=257+(31&_),_>>>=5,b-=5,r.ndist=1+(31&_),_>>>=5,b-=5,r.ncode=4+(15&_),_>>>=4,b-=4,r.nlen>286||r.ndist>30){e.msg="too many length or distance symbols",r.mode=u;break}r.have=0,r.mode=18;case 18:for(;r.have<r.ncode;){for(;b<3;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.lens[V[r.have++]]=7&_,_>>>=3,b-=3}for(;r.have<19;)r.lens[V[r.have++]]=0;if(r.lencode=r.lendyn,r.lenbits=7,M={bits:r.lenbits},P=s(0,r.lens,0,19,r.lencode,0,r.work,M),r.lenbits=M.bits,P){e.msg="invalid code lengths set",r.mode=u;break}r.have=0,r.mode=19;case 19:for(;r.have<r.nlen+r.ndist;){for(;A=(z=r.lencode[_&(1<<r.lenbits)-1])>>>16&255,S=65535&z,!((T=z>>>24)<=b);){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(S<16)_>>>=T,b-=T,r.lens[r.have++]=S;else{if(16===S){for(F=T+2;b<F;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(_>>>=T,b-=T,0===r.have){e.msg="invalid bit length repeat",r.mode=u;break}N=r.lens[r.have-1],x=3+(3&_),_>>>=2,b-=2}else if(17===S){for(F=T+3;b<F;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}b-=T,N=0,x=3+(7&(_>>>=T)),_>>>=3,b-=3}else{for(F=T+7;b<F;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}b-=T,N=0,x=11+(127&(_>>>=T)),_>>>=7,b-=7}if(r.have+x>r.nlen+r.ndist){e.msg="invalid bit length repeat",r.mode=u;break}for(;x--;)r.lens[r.have++]=N}}if(r.mode===u)break;if(0===r.lens[256]){e.msg="invalid code -- missing end-of-block",r.mode=u;break}if(r.lenbits=9,M={bits:r.lenbits},P=s(1,r.lens,0,r.nlen,r.lencode,0,r.work,M),r.lenbits=M.bits,P){e.msg="invalid literal/lengths set",r.mode=u;break}if(r.distbits=6,r.distcode=r.distdyn,M={bits:r.distbits},P=s(2,r.lens,r.nlen,r.ndist,r.distcode,0,r.work,M),r.distbits=M.bits,P){e.msg="invalid distances set",r.mode=u;break}if(r.mode=20,6===t)break e;case 20:r.mode=21;case 21:if(y>=6&&g>=258){e.next_out=m,e.avail_out=g,e.next_in=p,e.avail_in=y,r.hold=_,r.bits=b,a(e,C),m=e.next_out,f=e.output,g=e.avail_out,p=e.next_in,c=e.input,y=e.avail_in,_=r.hold,b=r.bits,r.mode===h&&(r.back=-1);break}for(r.back=0;A=(z=r.lencode[_&(1<<r.lenbits)-1])>>>16&255,S=65535&z,!((T=z>>>24)<=b);){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(A&&0==(240&A)){for(U=T,D=A,I=S;A=(z=r.lencode[I+((_&(1<<U+D)-1)>>U)])>>>16&255,S=65535&z,!(U+(T=z>>>24)<=b);){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}_>>>=U,b-=U,r.back+=U}if(_>>>=T,b-=T,r.back+=T,r.length=S,0===A){r.mode=26;break}if(32&A){r.back=-1,r.mode=h;break}if(64&A){e.msg="invalid literal/length code",r.mode=u;break}r.extra=15&A,r.mode=22;case 22:if(r.extra){for(F=r.extra;b<F;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.length+=_&(1<<r.extra)-1,_>>>=r.extra,b-=r.extra,r.back+=r.extra}r.was=r.length,r.mode=23;case 23:for(;A=(z=r.distcode[_&(1<<r.distbits)-1])>>>16&255,S=65535&z,!((T=z>>>24)<=b);){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(0==(240&A)){for(U=T,D=A,I=S;A=(z=r.distcode[I+((_&(1<<U+D)-1)>>U)])>>>16&255,S=65535&z,!(U+(T=z>>>24)<=b);){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}_>>>=U,b-=U,r.back+=U}if(_>>>=T,b-=T,r.back+=T,64&A){e.msg="invalid distance code",r.mode=u;break}r.offset=S,r.extra=15&A,r.mode=24;case 24:if(r.extra){for(F=r.extra;b<F;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}r.offset+=_&(1<<r.extra)-1,_>>>=r.extra,b-=r.extra,r.back+=r.extra}if(r.offset>r.dmax){e.msg="invalid distance too far back",r.mode=u;break}r.mode=25;case 25:if(0===g)break e;if(x=C-g,r.offset>x){if((x=r.offset-x)>r.whave&&r.sane){e.msg="invalid distance too far back",r.mode=u;break}x>r.wnext?(x-=r.wnext,E=r.wsize-x):E=r.wnext-x,x>r.length&&(x=r.length),B=r.window}else B=f,E=m-r.offset,x=r.length;x>g&&(x=g),g-=x,r.length-=x;do{f[m++]=B[E++]}while(--x);0===r.length&&(r.mode=21);break;case 26:if(0===g)break e;f[m++]=r.length,g--,r.mode=21;break;case 27:if(r.wrap){for(;b<32;){if(0===y)break e;y--,_|=c[p++]<<b,b+=8}if(C-=g,e.total_out+=C,r.total+=C,C&&(e.adler=r.check=r.flags?o(r.check,f,C,m-C):n(r.check,f,C,m-C)),C=g,(r.flags?_:l(_))!==r.check){e.msg="incorrect data check",r.mode=u;break}_=0,b=0}r.mode=28;case 28:if(r.wrap&&r.flags){for(;b<32;){if(0===y)break e;y--,_+=c[p++]<<b,b+=8}if(_!==(4294967295&r.total)){e.msg="incorrect length check",r.mode=u;break}_=0,b=0}r.mode=29;case 29:P=1;break e;case u:P=-3;break e;case 31:return-4;case 32:default:return d}return e.next_out=m,e.avail_out=g,e.next_in=p,e.avail_in=y,r.hold=_,r.bits=b,(r.wsize||C!==e.avail_out&&r.mode<u&&(r.mode<27||4!==t))&&w(e,e.output,e.next_out,C-e.avail_out)?(r.mode=31,-4):(k-=e.avail_in,C-=e.avail_out,e.total_in+=k,e.total_out+=C,r.total+=C,r.wrap&&C&&(e.adler=r.check=r.flags?o(r.check,f,C,e.next_out-C):n(r.check,f,C,e.next_out-C)),e.data_type=r.bits+(r.last?64:0)+(r.mode===h?128:0)+(20===r.mode||15===r.mode?256:0),(0===k&&0===C||4===t)&&0===P&&(P=-5),P)},t.inflateEnd=function(e){if(!e||!e.state)return d;var t=e.state;return t.window&&(t.window=null),e.state=null,0},t.inflateGetHeader=function(e,t){var r;return e&&e.state?0==(2&(r=e.state).wrap)?d:(r.head=t,t.done=!1,0):d},t.inflateSetDictionary=function(e,t){var r,i=t.length;return e&&e.state?0!==(r=e.state).wrap&&11!==r.mode?d:11===r.mode&&n(1,t,i,0)!==r.check?-3:w(e,t,i,i)?(r.mode=31,-4):(r.havedict=1,0):d},t.inflateInfo="pako inflate (from Nodeca project)"},function(e,t,r){"use strict";e.exports=function(e,t){var r,i,n,o,a,s,d,h,u,l,c,f,p,m,y,g,_,b,v,w,k,C,x,E,B;r=e.state,i=e.next_in,E=e.input,n=i+(e.avail_in-5),o=e.next_out,B=e.output,a=o-(t-e.avail_out),s=o+(e.avail_out-257),d=r.dmax,h=r.wsize,u=r.whave,l=r.wnext,c=r.window,f=r.hold,p=r.bits,m=r.lencode,y=r.distcode,g=(1<<r.lenbits)-1,_=(1<<r.distbits)-1;e:do{p<15&&(f+=E[i++]<<p,p+=8,f+=E[i++]<<p,p+=8),b=m[f&g];t:for(;;){if(f>>>=v=b>>>24,p-=v,0===(v=b>>>16&255))B[o++]=65535&b;else{if(!(16&v)){if(0==(64&v)){b=m[(65535&b)+(f&(1<<v)-1)];continue t}if(32&v){r.mode=12;break e}e.msg="invalid literal/length code",r.mode=30;break e}w=65535&b,(v&=15)&&(p<v&&(f+=E[i++]<<p,p+=8),w+=f&(1<<v)-1,f>>>=v,p-=v),p<15&&(f+=E[i++]<<p,p+=8,f+=E[i++]<<p,p+=8),b=y[f&_];r:for(;;){if(f>>>=v=b>>>24,p-=v,!(16&(v=b>>>16&255))){if(0==(64&v)){b=y[(65535&b)+(f&(1<<v)-1)];continue r}e.msg="invalid distance code",r.mode=30;break e}if(k=65535&b,p<(v&=15)&&(f+=E[i++]<<p,(p+=8)<v&&(f+=E[i++]<<p,p+=8)),(k+=f&(1<<v)-1)>d){e.msg="invalid distance too far back",r.mode=30;break e}if(f>>>=v,p-=v,k>(v=o-a)){if((v=k-v)>u&&r.sane){e.msg="invalid distance too far back",r.mode=30;break e}if(C=0,x=c,0===l){if(C+=h-v,v<w){w-=v;do{B[o++]=c[C++]}while(--v);C=o-k,x=B}}else if(l<v){if(C+=h+l-v,(v-=l)<w){w-=v;do{B[o++]=c[C++]}while(--v);if(C=0,l<w){w-=v=l;do{B[o++]=c[C++]}while(--v);C=o-k,x=B}}}else if(C+=l-v,v<w){w-=v;do{B[o++]=c[C++]}while(--v);C=o-k,x=B}for(;w>2;)B[o++]=x[C++],B[o++]=x[C++],B[o++]=x[C++],w-=3;w&&(B[o++]=x[C++],w>1&&(B[o++]=x[C++]))}else{C=o-k;do{B[o++]=B[C++],B[o++]=B[C++],B[o++]=B[C++],w-=3}while(w>2);w&&(B[o++]=B[C++],w>1&&(B[o++]=B[C++]))}break}}break}}while(i<n&&o<s);i-=w=p>>3,f&=(1<<(p-=w<<3))-1,e.next_in=i,e.next_out=o,e.avail_in=i<n?n-i+5:5-(i-n),e.avail_out=o<s?s-o+257:257-(o-s),r.hold=f,r.bits=p}},function(e,t,r){"use strict";var i=r(5),n=15,o=[3,4,5,6,7,8,9,10,11,13,15,17,19,23,27,31,35,43,51,59,67,83,99,115,131,163,195,227,258,0,0],a=[16,16,16,16,16,16,16,16,17,17,17,17,18,18,18,18,19,19,19,19,20,20,20,20,21,21,21,21,16,72,78],s=[1,2,3,4,5,7,9,13,17,25,33,49,65,97,129,193,257,385,513,769,1025,1537,2049,3073,4097,6145,8193,12289,16385,24577,0,0],d=[16,16,16,16,17,17,18,18,19,19,20,20,21,21,22,22,23,23,24,24,25,25,26,26,27,27,28,28,29,29,64,64];e.exports=function(e,t,r,h,u,l,c,f){var p,m,y,g,_,b,v,w,k,C=f.bits,x=0,E=0,B=0,T=0,A=0,S=0,U=0,D=0,I=0,N=0,P=null,M=0,F=new i.Buf16(16),z=new i.Buf16(16),O=null,V=0;for(x=0;x<=n;x++)F[x]=0;for(E=0;E<h;E++)F[t[r+E]]++;for(A=C,T=n;T>=1&&0===F[T];T--);if(A>T&&(A=T),0===T)return u[l++]=20971520,u[l++]=20971520,f.bits=1,0;for(B=1;B<T&&0===F[B];B++);for(A<B&&(A=B),D=1,x=1;x<=n;x++)if(D<<=1,(D-=F[x])<0)return-1;if(D>0&&(0===e||1!==T))return-1;for(z[1]=0,x=1;x<n;x++)z[x+1]=z[x]+F[x];for(E=0;E<h;E++)0!==t[r+E]&&(c[z[t[r+E]]++]=E);if(0===e?(P=O=c,b=19):1===e?(P=o,M-=257,O=a,V-=257,b=256):(P=s,O=d,b=-1),N=0,E=0,x=B,_=l,S=A,U=0,y=-1,g=(I=1<<A)-1,1===e&&I>852||2===e&&I>592)return 1;for(;;){v=x-U,c[E]<b?(w=0,k=c[E]):c[E]>b?(w=O[V+c[E]],k=P[M+c[E]]):(w=96,k=0),p=1<<x-U,B=m=1<<S;do{u[_+(N>>U)+(m-=p)]=v<<24|w<<16|k|0}while(0!==m);for(p=1<<x-1;N&p;)p>>=1;if(0!==p?(N&=p-1,N+=p):N=0,E++,0==--F[x]){if(x===T)break;x=t[r+c[E]]}if(x>A&&(N&g)!==y){for(0===U&&(U=A),_+=B,D=1<<(S=x-U);S+U<T&&!((D-=F[S+U])<=0);)S++,D<<=1;if(I+=1<<S,1===e&&I>852||2===e&&I>592)return 1;u[y=N&g]=A<<24|S<<16|_-l|0}}return 0!==N&&(u[_+N]=x-U<<24|64<<16|0),f.bits=A,0}},function(e,t,r){"use strict";e.exports=function(){this.text=0,this.time=0,this.xflags=0,this.os=0,this.extra=null,this.extra_len=0,this.name="",this.comment="",this.hcrc=0,this.done=!1}},function(e,t,r){var i=r(41);e.exports={TextEncoder:i.TextEncoder,TextDecoder:i.TextDecoder}},function(e,t,r){!function(t){"use strict";function r(e,t,r){return t<=e&&e<=r}function i(e){if(void 0===e)return{};if(e===Object(e))return e;throw TypeError("Could not convert argument to dictionary")}var n=-1;function o(e){this.tokens=[].slice.call(e),this.tokens.reverse()}o.prototype={endOfStream:function(){return!this.tokens.length},read:function(){return this.tokens.length?this.tokens.pop():n},prepend:function(e){if(Array.isArray(e))for(var t=e;t.length;)this.tokens.push(t.pop());else this.tokens.push(e)},push:function(e){if(Array.isArray(e))for(var t=e;t.length;)this.tokens.unshift(t.shift());else this.tokens.unshift(e)}};var a=-1;function s(e,t){if(e)throw TypeError("Decoder error");return t||65533}function d(e){return e=String(e).trim().toLowerCase(),Object.prototype.hasOwnProperty.call(h,e)?h[e]:null}var h={};[{encodings:[{labels:["unicode-1-1-utf-8","utf-8","utf8"],name:"UTF-8"}],heading:"The Encoding"}].forEach((function(e){e.encodings.forEach((function(e){e.labels.forEach((function(t){h[t]=e}))}))}));var u={},l={};function c(e,t){if(!(this instanceof c))throw TypeError("Called as a function. Did you forget 'new'?");e=void 0!==e?String(e):"utf-8",t=i(t),this._encoding=null,this._decoder=null,this._ignoreBOM=!1,this._BOMseen=!1,this._error_mode="replacement",this._do_not_flush=!1;var r=d(e);if(null===r||"replacement"===r.name)throw RangeError("Unknown encoding: "+e);if(!l[r.name])throw Error("Decoder not present. Did you forget to include encoding-indexes.js?");var n=this;return n._encoding=r,Boolean(t.fatal)&&(n._error_mode="fatal"),Boolean(t.ignoreBOM)&&(n._ignoreBOM=!0),n}function f(e,r){if(!(this instanceof f))throw TypeError("Called as a function. Did you forget 'new'?");r=i(r),this._encoding=null,this._encoder=null,this._do_not_flush=!1,this._fatal=Boolean(r.fatal)?"fatal":"replacement";return this._encoding=d("utf-8"),void 0!==e&&"console"in t&&console.warn("TextEncoder constructor called with encoding label, which is ignored."),this}function p(e){var t=e.fatal,i=0,o=0,d=0,h=128,u=191;this.handler=function(e,l){if(l===n&&0!==d)return d=0,s(t);if(l===n)return a;if(0===d){if(r(l,0,127))return l;if(r(l,194,223))d=1,i=31&l;else if(r(l,224,239))224===l&&(h=160),237===l&&(u=159),d=2,i=15&l;else{if(!r(l,240,244))return s(t);240===l&&(h=144),244===l&&(u=143),d=3,i=7&l}return null}if(!r(l,h,u))return i=d=o=0,h=128,u=191,e.prepend(l),s(t);if(h=128,u=191,i=i<<6|63&l,(o+=1)!==d)return null;var c=i;return i=d=o=0,c}}function m(e){e.fatal;this.handler=function(e,t){if(t===n)return a;if(r(t,0,127))return t;var i,o;r(t,128,2047)?(i=1,o=192):r(t,2048,65535)?(i=2,o=224):r(t,65536,1114111)&&(i=3,o=240);for(var s=[(t>>6*i)+o];i>0;){var d=t>>6*(i-1);s.push(128|63&d),i-=1}return s}}Object.defineProperty&&(Object.defineProperty(c.prototype,"encoding",{get:function(){return this._encoding.name.toLowerCase()}}),Object.defineProperty(c.prototype,"fatal",{get:function(){return"fatal"===this._error_mode}}),Object.defineProperty(c.prototype,"ignoreBOM",{get:function(){return this._ignoreBOM}})),c.prototype.decode=function(e,t){var r;r="object"==typeof e&&e instanceof ArrayBuffer?new Uint8Array(e):"object"==typeof e&&"buffer"in e&&e.buffer instanceof ArrayBuffer?new Uint8Array(e.buffer,e.byteOffset,e.byteLength):new Uint8Array(0),t=i(t),this._do_not_flush||(this._decoder=l[this._encoding.name]({fatal:"fatal"===this._error_mode}),this._BOMseen=!1),this._do_not_flush=Boolean(t.stream);for(var s,d=new o(r),h=[];;){var u=d.read();if(u===n)break;if((s=this._decoder.handler(d,u))===a)break;null!==s&&(Array.isArray(s)?h.push.apply(h,s):h.push(s))}if(!this._do_not_flush){do{if((s=this._decoder.handler(d,d.read()))===a)break;null!==s&&(Array.isArray(s)?h.push.apply(h,s):h.push(s))}while(!d.endOfStream());this._decoder=null}return function(e){var t,r;return t=["UTF-8","UTF-16LE","UTF-16BE"],r=this._encoding.name,-1===t.indexOf(r)||this._ignoreBOM||this._BOMseen||(e.length>0&&65279===e[0]?(this._BOMseen=!0,e.shift()):e.length>0&&(this._BOMseen=!0)),function(e){for(var t="",r=0;r<e.length;++r){var i=e[r];i<=65535?t+=String.fromCharCode(i):(i-=65536,t+=String.fromCharCode(55296+(i>>10),56320+(1023&i)))}return t}(e)}.call(this,h)},Object.defineProperty&&Object.defineProperty(f.prototype,"encoding",{get:function(){return this._encoding.name.toLowerCase()}}),f.prototype.encode=function(e,t){e=e?String(e):"",t=i(t),this._do_not_flush||(this._encoder=u[this._encoding.name]({fatal:"fatal"===this._fatal})),this._do_not_flush=Boolean(t.stream);for(var r,s=new o(function(e){for(var t=String(e),r=t.length,i=0,n=[];i<r;){var o=t.charCodeAt(i);if(o<55296||o>57343)n.push(o);else if(56320<=o&&o<=57343)n.push(65533);else if(55296<=o&&o<=56319)if(i===r-1)n.push(65533);else{var a=t.charCodeAt(i+1);if(56320<=a&&a<=57343){var s=1023&o,d=1023&a;n.push(65536+(s<<10)+d),i+=1}else n.push(65533)}i+=1}return n}(e)),d=[];;){var h=s.read();if(h===n)break;if((r=this._encoder.handler(s,h))===a)break;Array.isArray(r)?d.push.apply(d,r):d.push(r)}if(!this._do_not_flush){for(;(r=this._encoder.handler(s,s.read()))!==a;)Array.isArray(r)?d.push.apply(d,r):d.push(r);this._encoder=null}return new Uint8Array(d)},u["UTF-8"]=function(e){return new m(e)},l["UTF-8"]=function(e){return new p(e)},t.TextEncoder||(t.TextEncoder=f),t.TextDecoder||(t.TextDecoder=c),e.exports&&(e.exports={TextEncoder:t.TextEncoder,TextDecoder:t.TextDecoder})}(this)},function(t,r){t.exports=e},function(e,t,r){"use strict";var i=r(4),n=function(e){this.kdbx=e.kdbx,this.exportXml=e.exportXml||!1};n.prototype.setXmlDate=function(e,t){var r=this.kdbx.header.versionMajor>=4&&!this.exportXml;i.setDate(e,t,r)},e.exports=n},function(e,r){e.exports=t},function(e,t,r){"use strict";var i=r(11),n=r(2),o=r(1),a=r(0),s=r(3);e.exports.decrypt=function(e){return Promise.resolve().then((function(){var t,r=new i(e),d=[],h=0,u=0,l=function(){if(r.getUint32(!0),t=r.readBytes(32),(h=r.getUint32(!0))>0){u+=h;var e=r.readBytes(h);return s.sha256(e).then((function(r){if(a.arrayBufferEquals(r,t))return d.push(e),l();throw new n(o.ErrorCodes.FileCorrupt,"invalid hash block")}))}for(var i=new Uint8Array(u),c=0,f=0;f<d.length;f++)i.set(new Uint8Array(d[f]),c),c+=d[f].byteLength;return i.buffer};return l()}))},e.exports.encrypt=function(e){return Promise.resolve().then((function(){var t=e.byteLength,r=0,n=0,o=0,a=[],d=function(){if(t>0){var h=Math.min(1048576,t);t-=h;var u=e.slice(r,r+h);return s.sha256(u).then((function(e){var t=new ArrayBuffer(40),s=new i(t);return s.setUint32(n,!0),s.writeBytes(e),s.setUint32(h,!0),a.push(t),o+=t.byteLength,a.push(u),o+=u.byteLength,n++,r+=h,d()}))}var l=new ArrayBuffer(40);new DataView(l).setUint32(0,n,!0),a.push(l),o+=l.byteLength;for(var c=new Uint8Array(o),f=0,p=0;p<a.length;p++)c.set(new Uint8Array(a[p]),f),f+=a[p].byteLength;return c.buffer};return d()}))}},function(e,t,r){"use strict";var i=r(8),n=r(2),o=r(1),a=r(0),s=r(11),d=r(3);function h(e,t){var r=new Uint8Array(8+e.byteLength);r.set(new Uint8Array(e),8);var i=new DataView(r.buffer);return i.setUint32(0,t.lo,!0),i.setUint32(4,t.hi,!0),d.sha512(a.arrayToBuffer(r)).then((function(e){return a.zeroBuffer(r),e}))}function u(e,t,r,n){return h(e,new i(t)).then((function(e){var i=new Uint8Array(n.byteLength+4+8),o=new DataView(i.buffer);return i.set(new Uint8Array(n),12),o.setInt32(0,t,!0),o.setInt32(8,r,!0),d.hmacSha256(e,i.buffer)}))}e.exports.getHmacKey=h,e.exports.decrypt=function(e,t){var r=new s(e);return Promise.resolve().then((function(){var e,i=[],s=0,d=0,h=0,l=function(){if(e=r.readBytes(32),(d=r.getUint32(!0))>0){h+=d;var c=r.readBytes(d);return u(t,s,d,c).then((function(t){if(a.arrayBufferEquals(t,e))return i.push(c),s++,l();throw new n(o.ErrorCodes.FileCorrupt,"invalid hash block")}))}for(var f=new Uint8Array(h),p=0,m=0;m<i.length;m++)f.set(new Uint8Array(i[m]),p),p+=i[m].byteLength;return f.buffer};return l()}))},e.exports.encrypt=function(e,t){return Promise.resolve().then((function(){var r=e.byteLength,i=0,n=0,o=0,a=[],d=function(){var h=Math.min(1048576,r);r-=h;var l=e.slice(i,i+h);return u(t,n,h,l).then((function(e){var t=new ArrayBuffer(36),r=new s(t);if(r.writeBytes(e),r.setUint32(h,!0),a.push(t),o+=t.byteLength,l.byteLength>0)return a.push(l),o+=l.byteLength,n++,i+=h,d();for(var u=new Uint8Array(o),c=0,f=0;f<a.length;f++)u.set(new Uint8Array(a[f]),c),c+=a[f].byteLength;return u.buffer}))};return d()}))}},function(e,t,r){"use strict";var i=r(23),n=r(24),o=r(1),a=r(2),s=r(3),d=r(0),h=[232,48,9,75,151,32,93,42],u=function(e){this.algo=e};u.prototype.getSalt=function(e){return d.arrayToBuffer(this.algo.getBytes(e))},u.create=function(e,t){switch(t){case o.CrsAlgorithm.Salsa20:return s.sha256(d.arrayToBuffer(e)).then((function(e){var t=new Uint8Array(e),r=new i(t,h);return new u(r)}));case o.CrsAlgorithm.ChaCha20:return s.sha512(d.arrayToBuffer(e)).then((function(e){var t=new Uint8Array(e,0,32),r=new Uint8Array(e,32,12),i=new n(t,r);return new u(i)}));default:return Promise.reject(new a(o.ErrorCodes.Unsupported,"crsAlgorithm"))}},e.exports=u},function(e,t,r){"use strict";var i=r(1),n=r(0),o=r(14),a=r(8),s=r(3),d=r(2),h=r(25),u=[{name:"salt",field:"S",type:o.ValueType.Bytes},{name:"parallelism",field:"P",type:o.ValueType.UInt32},{name:"memory",field:"M",type:o.ValueType.UInt64},{name:"iterations",field:"I",type:o.ValueType.UInt64},{name:"version",field:"V",type:o.ValueType.UInt32},{name:"secretKey",field:"K",type:o.ValueType.Bytes},{name:"assocData",field:"A",type:o.ValueType.Bytes},{name:"rounds",field:"R",type:o.ValueType.UInt64}];function l(e){var t={};return u.forEach((function(r){var i=e.get(r.field);i&&(i instanceof a&&(i=i.value),t[r.name]=i)})),t}e.exports.encrypt=function(e,t){var r=t.get("$UUID");if(!(r&&r instanceof ArrayBuffer))return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"no kdf uuid"));switch(n.bytesToBase64(r)){case i.KdfId.Argon2:return function(e,t){var r=l(t);if(!(r.salt instanceof ArrayBuffer)||32!==r.salt.byteLength)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad argon2 salt"));if("number"!=typeof r.parallelism||r.parallelism<1)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad argon2 parallelism"));if("number"!=typeof r.iterations||r.iterations<1)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad argon2 iterations"));if("number"!=typeof r.memory||r.memory<1||r.memory%1024!=0)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad argon2 memory"));if(19!==r.version&&16!==r.version)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad argon2 version"));if(r.secretKey)return Promise.reject(new d(i.ErrorCodes.Unsupported,"argon2 secret key"));if(r.assocData)return Promise.reject(new d(i.ErrorCodes.Unsupported,"argon2 assoc data"));return s.argon2(e,r.salt,r.memory/1024,r.iterations,32,r.parallelism,0,r.version)}(e,t);case i.KdfId.Aes:return function(e,t){var r=l(t);if(!(r.salt instanceof ArrayBuffer)||32!==r.salt.byteLength)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad aes salt"));if("number"!=typeof r.rounds||r.rounds<1)return Promise.reject(new d(i.ErrorCodes.FileCorrupt,"bad aes rounds"));return h.encrypt(new Uint8Array(e),new Uint8Array(r.salt),r.rounds).then((function(e){return s.sha256(e).then((function(t){return n.zeroBuffer(e),t}))}))}(e,t);default:return Promise.reject(new d(i.ErrorCodes.Unsupported,"bad kdf"))}}},function(e,t,r){"use strict";var i=r(6),n=r(7),o=r(15),a=r(4),s=r(1),d={Generator:"KdbxWeb"},h=function(){this.generator=void 0,this.headerHash=void 0,this.settingsChanged=void 0,this._name=void 0,this.nameChanged=void 0,this._desc=void 0,this.descChanged=void 0,this._defaultUser=void 0,this.defaultUserChanged=void 0,this._mntncHistoryDays=void 0,this._color=void 0,this.keyChanged=void 0,this._keyChangeRec=void 0,this._keyChangeForce=void 0,this._recycleBinEnabled=void 0,this._recycleBinUuid=void 0,this.recycleBinChanged=void 0,this._entryTemplatesGroup=void 0,this.entryTemplatesGroupChanged=void 0,this._historyMaxItems=void 0,this._historyMaxSize=void 0,this._lastSelectedGroup=void 0,this._lastTopVisibleGroup=void 0,this._memoryProtection={title:void 0,userName:void 0,password:void 0,url:void 0,notes:void 0},this.customData={},this.customIcons={},this._editState=void 0,Object.preventExtensions(this)},u={name:"nameChanged",desc:"descChanged",defaultUser:"defaultUserChanged",mntncHistoryDays:null,color:null,keyChangeRec:null,keyChangeForce:null,recycleBinEnabled:"recycleBinChanged",recycleBinUuid:"recycleBinChanged",entryTemplatesGroup:"entryTemplatesGroupChanged",historyMaxItems:null,historyMaxSize:null,lastSelectedGroup:null,lastTopVisibleGroup:null,memoryProtection:null};Object.keys(u).forEach((function(e){!function(e,t){var r="_"+e;Object.defineProperty(h.prototype,e,{enumerable:!0,get:function(){return this[r]},set:function(i){i!==this[r]&&(this[r]=i,t?this[t]=new Date:this._setPropModDate(e))}})}(e,u[e])})),h.prototype._setPropModDate=function(e){this._editState||(this._editState={}),this._editState[e]=(new Date).getTime()},h.prototype._readNode=function(e,t){switch(e.tagName){case i.Elem.Generator:this.generator=a.getText(e);break;case i.Elem.HeaderHash:this.headerHash=a.getBytes(e);break;case i.Elem.SettingsChanged:this.settingsChanged=a.getDate(e);break;case i.Elem.DbName:this._name=a.getText(e);break;case i.Elem.DbNameChanged:this.nameChanged=a.getDate(e);break;case i.Elem.DbDesc:this._desc=a.getText(e);break;case i.Elem.DbDescChanged:this.descChanged=a.getDate(e);break;case i.Elem.DbDefaultUser:this._defaultUser=a.getText(e);break;case i.Elem.DbDefaultUserChanged:this.defaultUserChanged=a.getDate(e);break;case i.Elem.DbMntncHistoryDays:this._mntncHistoryDays=a.getNumber(e);break;case i.Elem.DbColor:this._color=a.getText(e);break;case i.Elem.DbKeyChanged:this.keyChanged=a.getDate(e);break;case i.Elem.DbKeyChangeRec:this._keyChangeRec=a.getNumber(e);break;case i.Elem.DbKeyChangeForce:this._keyChangeForce=a.getNumber(e);break;case i.Elem.RecycleBinEnabled:this._recycleBinEnabled=a.getBoolean(e);break;case i.Elem.RecycleBinUuid:this._recycleBinUuid=a.getUuid(e);break;case i.Elem.RecycleBinChanged:this.recycleBinChanged=a.getDate(e);break;case i.Elem.EntryTemplatesGroup:this._entryTemplatesGroup=a.getUuid(e);break;case i.Elem.EntryTemplatesGroupChanged:this.entryTemplatesGroupChanged=a.getDate(e);break;case i.Elem.HistoryMaxItems:this._historyMaxItems=a.getNumber(e);break;case i.Elem.HistoryMaxSize:this._historyMaxSize=a.getNumber(e);break;case i.Elem.LastSelectedGroup:this._lastSelectedGroup=a.getUuid(e);break;case i.Elem.LastTopVisibleGroup:this._lastTopVisibleGroup=a.getUuid(e);break;case i.Elem.MemoryProt:this._readMemoryProtection(e);break;case i.Elem.CustomIcons:this._readCustomIcons(e);break;case i.Elem.Binaries:this._readBinaries(e,t);break;case i.Elem.CustomData:this._readCustomData(e)}},h.prototype._readMemoryProtection=function(e){for(var t=0,r=e.childNodes,n=r.length;t<n;t++){var o=r[t];switch(o.tagName){case i.Elem.ProtTitle:this.memoryProtection.title=a.getBoolean(o);break;case i.Elem.ProtUserName:this.memoryProtection.userName=a.getBoolean(o);break;case i.Elem.ProtPassword:this.memoryProtection.password=a.getBoolean(o);break;case i.Elem.ProtUrl:this.memoryProtection.url=a.getBoolean(o);break;case i.Elem.ProtNotes:this.memoryProtection.notes=a.getBoolean(o)}}},h.prototype._writeMemoryProtection=function(e){var t=a.addChildNode(e,i.Elem.MemoryProt);a.setBoolean(a.addChildNode(t,i.Elem.ProtTitle),this.memoryProtection.title),a.setBoolean(a.addChildNode(t,i.Elem.ProtUserName),this.memoryProtection.userName),a.setBoolean(a.addChildNode(t,i.Elem.ProtPassword),this.memoryProtection.password),a.setBoolean(a.addChildNode(t,i.Elem.ProtUrl),this.memoryProtection.url),a.setBoolean(a.addChildNode(t,i.Elem.ProtNotes),this.memoryProtection.notes)},h.prototype._readCustomIcons=function(e){for(var t=0,r=e.childNodes,n=r.length;t<n;t++){var o=r[t];o.tagName===i.Elem.CustomIconItem&&this._readCustomIcon(o)}},h.prototype._readCustomIcon=function(e){for(var t,r,n=0,o=e.childNodes,s=o.length;n<s;n++){var d=o[n];switch(d.tagName){case i.Elem.CustomIconItemID:t=a.getUuid(d);break;case i.Elem.CustomIconItemData:r=a.getBytes(d)}}t&&r&&(this.customIcons[t]=r)},h.prototype._writeCustomIcons=function(e){var t=a.addChildNode(e,i.Elem.CustomIcons),r=this.customIcons;Object.keys(r).forEach((function(e){var n=r[e];if(n){var o=a.addChildNode(t,i.Elem.CustomIconItem);a.setUuid(a.addChildNode(o,i.Elem.CustomIconItemID),e),a.setBytes(a.addChildNode(o,i.Elem.CustomIconItemData),n)}}))},h.prototype._readBinaries=function(e,t){for(var r=0,n=e.childNodes,o=n.length;r<o;r++){var a=n[r];a.tagName===i.Elem.Binary&&this._readBinary(a,t)}},h.prototype._readBinary=function(e,t){var r=e.getAttribute(i.Attr.Id),n=a.getProtectedBinary(e);r&&n&&(t.kdbx.binaries[r]=n)},h.prototype._writeBinaries=function(e,t){var r=a.addChildNode(e,i.Elem.Binaries),n=t.kdbx.binaries;n.hashOrder.forEach((function(e,t){var o=n[e];if(o){var s=a.addChildNode(r,i.Elem.Binary);s.setAttribute(i.Attr.Id,t.toString()),a.setProtectedBinary(s,o)}}))},h.prototype._readCustomData=function(e){this.customData=o.read(e)},h.prototype._writeCustomData=function(e){o.write(e,this.customData)},h.prototype.write=function(e,t){this.generator=d.generator;var r=a.addChildNode(e,i.Elem.Meta);a.setText(a.addChildNode(r,i.Elem.Generator),d.Generator),t.kdbx.header.versionMajor<4?a.setBytes(a.addChildNode(r,i.Elem.HeaderHash),this.headerHash):this.settingsChanged&&t.setXmlDate(a.addChildNode(r,i.Elem.SettingsChanged),this.settingsChanged),a.setText(a.addChildNode(r,i.Elem.DbName),this.name),t.setXmlDate(a.addChildNode(r,i.Elem.DbNameChanged),this.nameChanged),a.setText(a.addChildNode(r,i.Elem.DbDesc),this.desc),t.setXmlDate(a.addChildNode(r,i.Elem.DbDescChanged),this.descChanged),a.setText(a.addChildNode(r,i.Elem.DbDefaultUser),this.defaultUser),t.setXmlDate(a.addChildNode(r,i.Elem.DbDefaultUserChanged),this.defaultUserChanged),a.setText(a.addChildNode(r,i.Elem.DbMntncHistoryDays),this.mntncHistoryDays),a.setText(a.addChildNode(r,i.Elem.DbColor),this.color),t.setXmlDate(a.addChildNode(r,i.Elem.DbKeyChanged),this.keyChanged),a.setNumber(a.addChildNode(r,i.Elem.DbKeyChangeRec),this.keyChangeRec),a.setNumber(a.addChildNode(r,i.Elem.DbKeyChangeForce),this.keyChangeForce),a.setBoolean(a.addChildNode(r,i.Elem.RecycleBinEnabled),this.recycleBinEnabled),a.setUuid(a.addChildNode(r,i.Elem.RecycleBinUuid),this.recycleBinUuid),t.setXmlDate(a.addChildNode(r,i.Elem.RecycleBinChanged),this.recycleBinChanged),a.setUuid(a.addChildNode(r,i.Elem.EntryTemplatesGroup),this.entryTemplatesGroup),t.setXmlDate(a.addChildNode(r,i.Elem.EntryTemplatesGroupChanged),this.entryTemplatesGroupChanged),a.setNumber(a.addChildNode(r,i.Elem.HistoryMaxItems),this.historyMaxItems),a.setNumber(a.addChildNode(r,i.Elem.HistoryMaxSize),this.historyMaxSize),a.setUuid(a.addChildNode(r,i.Elem.LastSelectedGroup),this.lastSelectedGroup),a.setUuid(a.addChildNode(r,i.Elem.LastTopVisibleGroup),this.lastTopVisibleGroup),this._writeMemoryProtection(r),this._writeCustomIcons(r),(t.exportXml||t.kdbx.header.versionMajor<4)&&this._writeBinaries(r,t),this._writeCustomData(r)},h.prototype.merge=function(e,t){e.nameChanged>this.nameChanged&&(this._name=e.name,this.nameChanged=e.nameChanged),e.descChanged>this.descChanged&&(this._desc=e.desc,this.descChanged=e.descChanged),e.defaultUserChanged>this.defaultUserChanged&&(this._defaultUser=e.defaultUser,this.defaultUserChanged=e.defaultUserChanged),e.keyChanged>this.keyChanged&&(this.keyChanged=e.keyChanged),e.settingsChanged>this.settingsChanged&&(this.settingsChanged=e.settingsChanged),e.recycleBinChanged>this.recycleBinChanged&&(this._recycleBinEnabled=e.recycleBinEnabled,this._recycleBinUuid=e.recycleBinUuid,this.recycleBinChanged=e.recycleBinChanged),e.entryTemplatesGroupChanged>this.entryTemplatesGroupChanged&&(this._entryTemplatesGroup=e.entryTemplatesGroup,this.entryTemplatesGroupChanged=e.entryTemplatesGroupChanged),Object.keys(e.customData).forEach((function(r){this.customData[r]||t.deleted[r]||(this.customData[r]=e.customData[r])}),this),Object.keys(e.customIcons).forEach((function(r){this.customIcons[r]||t.deleted[r]||(this.customIcons[r]=e.customIcons[r])}),this),this._editState&&this._editState.historyMaxItems||(this.historyMaxItems=e.historyMaxItems),this._editState&&this._editState.historyMaxSize||(this.historyMaxSize=e.historyMaxSize),this._editState&&this._editState.keyChangeRec||(this.keyChangeRec=e.keyChangeRec),this._editState&&this._editState.keyChangeForce||(this.keyChangeForce=e.keyChangeForce),this._editState&&this._editState.mntncHistoryDays||(this.mntncHistoryDays=e.mntncHistoryDays),this._editState&&this._editState.color||(this.color=e.color)},h.create=function(){var e=new Date,t=new h;return t.generator=d.Generator,t.settingsChanged=e,t.mntncHistoryDays=s.Defaults.MntncHistoryDays,t.recycleBinEnabled=!0,t.historyMaxItems=s.Defaults.HistoryMaxItems,t.historyMaxSize=s.Defaults.HistoryMaxSize,t.nameChanged=e,t.descChanged=e,t.defaultUserChanged=e,t.recycleBinChanged=e,t.keyChangeRec=-1,t.keyChangeForce=-1,t.entryTemplatesGroup=new n,t.entryTemplatesGroupChanged=e,t.memoryProtection={title:!1,userName:!1,password:!0,url:!1,notes:!1},t},h.read=function(e,t){for(var r=new h,i=0,n=e.childNodes,o=n.length;i<o;i++){var a=n[i];a.tagName&&r._readNode(a,t)}return r},e.exports=h},function(e,t,r){"use strict";var i=r(9),n=r(3),o=r(0),a=function(){Object.defineProperties(this,{idToHash:{value:{}},hashOrder:{value:null,configurable:!0}})};a.prototype.hash=function(){var e=[],t=this;return Object.keys(t).forEach((function(r){var i=t[r];e.push(t.getBinaryHash(i).then((function(e){t.idToHash[r]=e,t[e]=t[r],delete t[r]})))})),Promise.all(e)},a.prototype.getBinaryHash=function(e){var t;return e instanceof i?t=e.getHash():(e instanceof ArrayBuffer||e instanceof Uint8Array)&&(e=o.arrayToBuffer(e),t=n.sha256(e)),t.then((function(e){return o.bytesToHex(e)}))},a.prototype.assignIds=function(){Object.defineProperty(this,"hashOrder",{value:Object.keys(this),configurable:!0})},a.prototype.add=function(e){var t=this;return this.getBinaryHash(e).then((function(r){return t[r]=e,{ref:r,value:e}}))},e.exports=a},function(e,t,r){"use strict";var i=r(6),n=r(4),o=r(1),a=r(15),s=r(27),d=r(7),h=r(28),u=function(){this.uuid=void 0,this.name=void 0,this.notes=void 0,this.icon=void 0,this.customIcon=void 0,this.times=new s,this.expanded=void 0,this.defaultAutoTypeSeq=void 0,this.enableAutoType=void 0,this.enableSearching=void 0,this.lastTopVisibleEntry=void 0,this.groups=[],this.entries=[],this.parentGroup=void 0,this.customData=void 0,Object.preventExtensions(this)};u.prototype._readNode=function(e,t){switch(e.tagName){case i.Elem.Uuid:this.uuid=n.getUuid(e);break;case i.Elem.Name:this.name=n.getText(e);break;case i.Elem.Notes:this.notes=n.getText(e);break;case i.Elem.Icon:this.icon=n.getNumber(e);break;case i.Elem.CustomIconID:this.customIcon=n.getUuid(e);break;case i.Elem.Times:this.times=s.read(e);break;case i.Elem.IsExpanded:this.expanded=n.getBoolean(e);break;case i.Elem.GroupDefaultAutoTypeSeq:this.defaultAutoTypeSeq=n.getText(e);break;case i.Elem.EnableAutoType:this.enableAutoType=n.getBoolean(e);break;case i.Elem.EnableSearching:this.enableSearching=n.getBoolean(e);break;case i.Elem.LastTopVisibleEntry:this.lastTopVisibleEntry=n.getUuid(e);break;case i.Elem.Group:this.groups.push(u.read(e,t,this));break;case i.Elem.Entry:this.entries.push(h.read(e,t,this));break;case i.Elem.CustomData:this.customData=a.read(e)}},u.prototype.write=function(e,t){var r=n.addChildNode(e,i.Elem.Group);n.setUuid(n.addChildNode(r,i.Elem.Uuid),this.uuid),n.setText(n.addChildNode(r,i.Elem.Name),this.name),n.setText(n.addChildNode(r,i.Elem.Notes),this.notes),n.setNumber(n.addChildNode(r,i.Elem.Icon),this.icon),this.customIcon&&n.setUuid(n.addChildNode(r,i.Elem.CustomIconID),this.customIcon),a.write(r,this.customData),this.times.write(r,t),n.setBoolean(n.addChildNode(r,i.Elem.IsExpanded),this.expanded),n.setText(n.addChildNode(r,i.Elem.GroupDefaultAutoTypeSeq),this.defaultAutoTypeSeq),n.setBoolean(n.addChildNode(r,i.Elem.EnableAutoType),this.enableAutoType),n.setBoolean(n.addChildNode(r,i.Elem.EnableSearching),this.enableSearching),n.setUuid(n.addChildNode(r,i.Elem.LastTopVisibleEntry),this.lastTopVisibleEntry),this.groups.forEach((function(e){e.write(r,t)})),this.entries.forEach((function(e){e.write(r,t)}))},u.prototype.forEach=function(e,t){e.call(t,void 0,this),this.entries.forEach((function(r){e.call(t,r)})),this.groups.forEach((function(r){r.forEach(e,t)}))},u.prototype.merge=function(e){var t=e.remote[this.uuid];t&&(t.times.lastModTime>this.times.lastModTime&&this.copyFrom(t),this.groups=this._mergeCollection(this.groups,t.groups,e),this.entries=this._mergeCollection(this.entries,t.entries,e),this.groups.forEach((function(t){t.merge(e)})),this.entries.forEach((function(t){t.merge(e)})))},u.prototype._mergeCollection=function(e,t,r){var i=[];return e.forEach((function(e){if(!r.deleted[e.uuid]){var t=r.remote[e.uuid];t?t.times.locationChanged<=e.times.locationChanged&&i.push(e):i.push(e)}}),this),t.forEach((function(e,n){if(!r.deleted[e.uuid]){var o=r.objects[e.uuid];if(o&&e.times.locationChanged>o.times.locationChanged)o.parentGroup=this,i.splice(this._findInsertIx(i,t,n),0,o);else if(!o){var a=new e.constructor;a.copyFrom(e),a.parentGroup=this,i.splice(this._findInsertIx(i,t,n),0,a)}}}),this),i},u.prototype._findInsertIx=function(e,t,r){for(var i=e.length,n=-1,o=0;o<=e.length;o++){var a=0,s=r>0?t[r-1].uuid.id:void 0,d=r+1<t.length?t[r+1].uuid.id:void 0,h=o>0?e[o-1].uuid.id:void 0,u=o<e.length?e[o].uuid.id:void 0;s||h?s===h&&(a+=5):a+=1,d||u?d===u&&(a+=5):a+=2,a>n&&(i=o,n=a)}return i},u.prototype.copyFrom=function(e){this.uuid=e.uuid,this.name=e.name,this.notes=e.notes,this.icon=e.icon,this.customIcon=e.customIcon,this.times=e.times.clone(),this.expanded=e.expanded,this.defaultAutoTypeSeq=e.defaultAutoTypeSeq,this.enableAutoType=e.enableAutoType,this.enableSearching=e.enableSearching,this.lastTopVisibleEntry=e.lastTopVisibleEntry},u.create=function(e,t){var r=new u;return r.uuid=d.random(),r.icon=o.Icons.Folder,r.times=s.create(),r.name=e,r.parentGroup=t,r.expanded=!0,r.enableAutoType=null,r.enableSearching=null,r.lastTopVisibleEntry=new d,r},u.read=function(e,t,r){for(var i=new u,n=0,o=e.childNodes,a=o.length;n<a;n++){var s=o[n];s.tagName&&i._readNode(s,t)}return i.uuid||(i.uuid=d.random()),i.parentGroup=r,i},e.exports=u},function(e,t,r){"use strict";var i=r(6),n=r(4),o=function(){this.uuid=void 0,this.deletionTime=void 0,Object.preventExtensions(this)};o.prototype._readNode=function(e){switch(e.tagName){case i.Elem.Uuid:this.uuid=n.getUuid(e);break;case i.Elem.DeletionTime:this.deletionTime=n.getDate(e)}},o.prototype.write=function(e,t){var r=n.addChildNode(e,i.Elem.DeletedObject);n.setUuid(n.addChildNode(r,i.Elem.Uuid),this.uuid),t.setXmlDate(n.addChildNode(r,i.Elem.DeletionTime),this.deletionTime)},o.read=function(e){for(var t=new o,r=0,i=e.childNodes,n=i.length;r<n;r++){var a=i[r];a.tagName&&t._readNode(a)}return t},e.exports=o}])}));
\ No newline at end of file
diff --git a/vault/static/src/js/user_menu.js b/vault/static/src/js/user_menu.js
new file mode 100644
index 0000000000..8228685bb0
--- /dev/null
+++ b/vault/static/src/js/user_menu.js
@@ -0,0 +1,26 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.UserMenu", function (require) {
+    "use strict";
+
+    var UserMenu = require("web.UserMenu");
+
+    UserMenu.include({
+        _onMenuKeys: function () {
+            var self = this;
+            var session = this.getSession();
+            this.trigger_up("clear_uncommitted_changes", {
+                callback: function () {
+                    self._rpc({
+                        model: "res.users",
+                        method: "action_get_vault",
+                    }).then(function (result) {
+                        result.res_id = session.uid;
+                        self.do_action(result);
+                    });
+                },
+            });
+        },
+    });
+});
diff --git a/vault/static/src/js/vault.js b/vault/static/src/js/vault.js
new file mode 100644
index 0000000000..70617a7548
--- /dev/null
+++ b/vault/static/src/js/vault.js
@@ -0,0 +1,411 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault", function (require) {
+    "use strict";
+
+    require("web.dom_ready");
+    var ajax = require("web.ajax");
+    var core = require("web.core");
+    var mixins = require("web.mixins");
+    var session = require("web.session");
+    var utils = require("vault.utils");
+
+    var _t = core._t;
+
+    // Database name on the browser
+    const Database = "vault";
+
+    const indexedDB =
+        window.indexedDB ||
+        window.mozIndexedDB ||
+        window.webkitIndexedDB ||
+        window.msIndexedDB ||
+        window.shimIndexedDB;
+
+    // Expiration time of the vault store entries
+    const Expiration = 15 * 60 * 1000;
+
+    /**
+     * Ask the user to enter a password using a dialog and put the password together
+     *
+     * @param {Boolean} confirm
+     * @returns password
+     */
+    async function askpassword(confirm = false) {
+        const askpass = await utils.askpass(
+            _t("Please enter the password for your private key"),
+            {confirm: confirm}
+        );
+
+        let password = askpass.password || "";
+        if (askpass.keyfile)
+            password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+        return session.username + "|" + password;
+    }
+
+    // Vault implementation
+    var Vault = core.Class.extend(mixins.EventDispatcherMixin, {
+        /**
+         * Check if the user actually has keys otherwise generate them on init
+         *
+         * @override
+         */
+        init: function () {
+            mixins.EventDispatcherMixin.init.call(this, arguments);
+            var self = this;
+
+            function waitAndCheck() {
+                if (odoo.isReady) self._initialize_keys();
+                else setTimeout(waitAndCheck, 500);
+            }
+
+            setTimeout(waitAndCheck, 500);
+        },
+
+        /**
+         * RPC call to the backend
+         *
+         * @param {String} url
+         * @param {Object} params
+         * @param {Object} options
+         * @returns promise
+         */
+        rpc: function (url, params, options) {
+            return ajax.jsonRpc(url, "call", params, _.clone(options || {}));
+        },
+
+        /**
+         * Generate a new key pair and export to database and object store
+         */
+        generate_keys: async function () {
+            this.keys = await utils.generate_key_pair();
+            this.time = new Date();
+
+            if (!(await this._export_to_database()))
+                throw Error(_t("Failed to export the keys to the database"));
+
+            await this._export_to_store();
+        },
+
+        /**
+         * Lazy initialization of the keys which is not fully loading the keys
+         * into the javascript but ensures that keys exist in the database to
+         * to be loaded
+         *
+         * @private
+         */
+        _initialize_keys: async function () {
+            // Get the uuid of the currently active keys from the database
+            this.uuid = await this._check_database();
+            if (this.uuid) {
+                // If the object store has the keys it's done
+                if (await this._import_from_store()) return;
+
+                // Otherwise an import from the database and export to the object store
+                // is needed
+                if (await this._import_from_database()) {
+                    await this._export_to_store();
+                    return true;
+                }
+
+                // This should be silent because it would influence the entire workflow
+                console.error("Failed to import the keys from the database");
+                return false;
+            }
+
+            // There are no keys in the database which means we have to generate them
+            return await this.generate_keys();
+        },
+
+        /**
+         * Ensure that the keys are available
+         *
+         * @private
+         */
+        _ensure_keys: async function () {
+            // Check if the keys expired
+            const now = new Date();
+            if (now - this.time <= Expiration) return;
+
+            // Keys expired means that we have to get them again
+            this.keys = this.time = null;
+
+            // Clear the object store first
+            const store = await this._get_object_store();
+            store.clear();
+
+            // Import the keys from the database
+            if (!(await this._import_from_database()))
+                throw Error(_t("Failed to import keys from database"));
+
+            // Store the imported keys in the object store for the next calls
+            if (!(await this._export_to_store()))
+                throw Error(_t("Failed to export keys to object store"));
+
+            return;
+        },
+
+        /**
+         * Get the private key and check if the keys expired
+         *
+         * @returns the private key of the user
+         */
+        get_private_key: async function () {
+            await this._ensure_keys();
+            return this.keys.privateKey;
+        },
+
+        /**
+         * Get the public key and check if the keys expired
+         *
+         * @returns the public key of the user
+         */
+        get_public_key: async function () {
+            await this._ensure_keys();
+            return this.keys.publicKey;
+        },
+
+        /**
+         * Open the indexed DB and return object store using promise
+         *
+         * @private
+         * @returns a promise
+         */
+        _get_object_store: function () {
+            return new Promise((resolve, reject) => {
+                var open = indexedDB.open(Database, 1);
+                open.onupgradeneeded = function () {
+                    var db = open.result;
+                    db.createObjectStore(Database, {keyPath: "id"});
+                };
+
+                open.onerror = function (event) {
+                    reject(`error opening database ${event.target.errorCode}`);
+                };
+
+                open.onsuccess = function () {
+                    var db = open.result;
+                    var tx = db.transaction(Database, "readwrite");
+
+                    resolve(tx.objectStore(Database));
+
+                    tx.oncomplete = function () {
+                        db.close();
+                    };
+                };
+            });
+        },
+
+        /**
+         * Open the object store and extract the keys using the id
+         *
+         * @private
+         * @param {String} uuid
+         * @returns the result from the object store or false
+         */
+        _get_keys: async function (uuid) {
+            var self = this;
+            return new Promise((resolve, reject) => {
+                self._get_object_store().then((store) => {
+                    const request = store.get(uuid);
+                    request.onerror = function (event) {
+                        reject(`error opening database ${event.target.errorCode}`);
+                    };
+                    request.onsuccess = function () {
+                        resolve(request.result);
+                    };
+                });
+            });
+        },
+
+        /**
+         * Check if the keys exist in the database
+         *
+         * @returns the uuid of the currently active keys or false
+         */
+        _check_database: async function () {
+            const params = await this.rpc("/vault/keys/get");
+            if (Object.keys(params).length && params.uuid) return params.uuid;
+            return false;
+        },
+
+        /**
+         * Check if the keys exist in the store
+         *
+         * @private
+         * @param {String} uuid
+         * @returns if the keys are in the object store
+         */
+        _check_store: async function (uuid) {
+            if (!uuid) return false;
+
+            const result = await this._get_keys(uuid);
+            return Boolean(result && result.keys);
+        },
+
+        /**
+         * Import the keys from the indexed DB
+         *
+         * @private
+         * @returns if the import from the object store succeeded
+         */
+        _import_from_store: async function () {
+            const data = await this._get_keys(this.uuid);
+            if (data) {
+                this.keys = data.keys;
+                this.time = data.time;
+                return true;
+            }
+            return false;
+        },
+
+        /**
+         * Export the current keys to the indexed DB
+         *
+         * @private
+         * @returns true
+         */
+        _export_to_store: async function () {
+            const keys = {id: this.uuid, keys: this.keys, time: this.time};
+            const store = await this._get_object_store();
+            store.put(keys);
+            return true;
+        },
+
+        /**
+         * Export the key pairs to the backends
+         *
+         * @private
+         * @returns if the export to the database succeeded
+         */
+        _export_to_database: async function () {
+            // Generate salt for the user key
+            this.salt = utils.generate_bytes(utils.SaltLength).buffer;
+            this.iterations = 4000;
+
+            // Wrap the private key with the master key of the user
+            this.iv = utils.generate_bytes(utils.IVLength);
+
+            // Request the password from the user and derive the user key
+            const pass = await utils.derive_key(
+                await askpassword(true),
+                this.salt,
+                this.iterations
+            );
+
+            // Export the private key wrapped with the master key
+            const private_key = await utils.export_private_key(
+                await this.get_private_key(),
+                pass,
+                this.iv
+            );
+
+            // Export the public key
+            const public_key = await utils.export_public_key(
+                await this.get_public_key()
+            );
+
+            const params = {
+                public: public_key,
+                private: private_key,
+                iv: utils.toBase64(this.iv),
+                iterations: this.iterations,
+                salt: utils.toBase64(this.salt),
+            };
+
+            // Export to the server
+            const response = await this.rpc("/vault/keys/store", params);
+            if (response) {
+                this.uuid = response;
+                return true;
+            }
+
+            console.error("Failed to export keys to database");
+            return false;
+        },
+
+        /**
+         * Import the keys from the backend and decrypt the private key
+         *
+         * @private
+         * @returns if the import succeeded
+         */
+        _import_from_database: async function () {
+            const params = await this.rpc("/vault/keys/get");
+            if (Object.keys(params).length) {
+                this.salt = utils.fromBase64(params.salt);
+                this.iterations = params.iterations;
+
+                // Request the password from the user and derive the user key
+                const pass = await utils.derive_key(
+                    await askpassword(),
+                    this.salt,
+                    this.iterations
+                );
+
+                this.keys = {
+                    publicKey: await utils.load_public_key(params.public),
+                    privateKey: await utils.load_private_key(
+                        params.private,
+                        pass,
+                        params.iv
+                    ),
+                };
+
+                this.time = new Date();
+                this.uuid = params.uuid;
+                return true;
+            }
+            return false;
+        },
+
+        /**
+         * Wrap the master key with the own public key
+         *
+         * @param {CryptoKey} master_key
+         * @returns wrapped master key
+         */
+        wrap: async function (master_key) {
+            return await utils.wrap(master_key, await this.get_public_key());
+        },
+
+        /**
+         * Wrap the master key with a public key given as string
+         *
+         * @param {CryptoKey} master_key
+         * @param {String} public_key
+         * @returns wrapped master key
+         */
+        wrap_with: async function (master_key, public_key) {
+            const pub_key = await utils.load_public_key(public_key);
+            return await utils.wrap(master_key, pub_key);
+        },
+
+        /**
+         * Unwrap the master key with the own private key
+         *
+         * @param {CryptoKey} master_key
+         * @returns unwrapped master key
+         */
+        unwrap: async function (master_key) {
+            return await utils.unwrap(master_key, await this.get_private_key());
+        },
+
+        /**
+         * Share a wrapped master key by unwrapping with own private key and wrapping with
+         * another key
+         *
+         * @param {String} master_key
+         * @param {String} public_key
+         * @returns wrapped master key
+         */
+        share: async function (master_key, public_key) {
+            const key = await this.unwrap(master_key);
+            return await this.wrap_with(key, public_key);
+        },
+    });
+
+    return new Vault();
+});
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/js/vault_controller.js
new file mode 100644
index 0000000000..4df1dc520e
--- /dev/null
+++ b/vault/static/src/js/vault_controller.js
@@ -0,0 +1,350 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.controller", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var Dialog = require("web.Dialog");
+    var FormController = require("web.FormController");
+    var Importer = require("vault.import");
+    var utils = require("vault.utils");
+    var vault = require("vault");
+
+    var _t = core._t;
+
+    FormController.include({
+        /**
+         * Re-encrypt the key if the user is getting selected
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _applyChangesSendWizard: async function (record, changes, options) {
+            if (!changes.user_id || !record.data.public) return;
+
+            const key = await vault.unwrap(record.data.key);
+            await this._applyChanges(
+                record.id,
+                {key_user: await vault.wrap_with(key, record.data.public)},
+                options
+            );
+        },
+
+        /**
+         * Re-encrypt the key if the entry is getting selected
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _applyChangesStoreWizard: async function (record, changes, options) {
+            if (
+                !changes.entry_id ||
+                !record.data.master_key ||
+                !record.data.iv ||
+                !record.data.secret_temporary
+            )
+                return;
+
+            const key = await vault.unwrap(record.data.key);
+            const secret = await utils.sym_decrypt(
+                key,
+                record.data.secret_temporary,
+                record.data.iv
+            );
+            const master_key = await vault.unwrap(record.data.master_key);
+
+            await this._applyChanges(
+                record.id,
+                {secret: await utils.sym_encrypt(master_key, secret, record.data.iv)},
+                options
+            );
+        },
+
+        /**
+         * Generate a new key pair for the current user
+         *
+         * @private
+         */
+        _newVaultKeyPair: async function () {
+            const master_keys = await this._rpc({route: "/vault/rights/get"});
+
+            // Get the current private key
+            const private_key = await vault.get_private_key();
+
+            // Generate new keys
+            await vault.generate_keys();
+
+            const public_key = await vault.get_public_key();
+
+            // Re-encrypt the master keys
+            const result = {};
+            for (const uuid in master_keys) {
+                result[uuid] = await utils.wrap(
+                    await utils.unwrap(master_keys[uuid], private_key),
+                    public_key
+                );
+            }
+
+            await this._rpc({route: "/vault/rights/store", params: {keys: result}});
+
+            await this.reload();
+        },
+
+        /**
+         * Generate a new key pair and re-encrypt the master keys of the vaults
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onGenerateKeys: async function (ev) {
+            ev.stopPropagation();
+            var self = this;
+
+            Dialog.confirm(
+                self,
+                _t("Do you really want to create a new key pair and set it active?"),
+                {
+                    confirm_callback: function () {
+                        return self._newVaultKeyPair();
+                    },
+                }
+            );
+        },
+
+        /**
+         * Hook into the button to generate new key pairs
+         *
+         * @private
+         */
+        renderButtons: function () {
+            this._super.apply(this, arguments);
+
+            if (this.modelName !== "res.users") return;
+
+            if (this.$buttons)
+                this.$buttons.on(
+                    "click",
+                    "[name='action_generate_key']",
+                    this._onGenerateKeys.bind(this)
+                );
+        },
+
+        /**
+         * Handle changes of vault.right field in the vault view properly by
+         * sharing the master key with the user
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _changedVaultRightUser: async function (record, changes, options) {
+            if (!changes.data.user_id) return;
+
+            const params = {user_id: changes.data.user_id.id};
+            const user = await this._rpc({route: "/vault/public", params: params});
+
+            if (!user || !user.public_key)
+                throw new TypeError("User has no public key");
+
+            for (const right of record.data.right_ids.data) {
+                if (right.id === changes.id) {
+                    const key = await vault.share(
+                        record.data.master_key,
+                        user.public_key
+                    );
+                    await this._applyChanges(
+                        record.id,
+                        {
+                            right_ids: {
+                                operation: "UPDATE",
+                                id: right.id,
+                                data: {key: key},
+                            },
+                        },
+                        options
+                    );
+                }
+            }
+        },
+
+        /**
+         * Handle the deletion of a vault.right field in the vault view properly by
+         * generating a new master key and re-encrypting everything in the vault to
+         * deny any future access to the vault.
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _deleteVaultRight: async function (record, changes, options) {
+            const master_key = await utils.generate_key();
+            const current_key = await vault.unwrap(record.data.master_key);
+
+            // Update the rights
+            for (const right of record.data.right_ids.data) {
+                if (changes.ids.indexOf(right.id) < 0) {
+                    const key = await vault.wrap_with(
+                        master_key,
+                        right.data.public_key
+                    );
+
+                    await this._applyChanges(
+                        record.id,
+                        {
+                            right_ids: {
+                                operation: "UPDATE",
+                                id: right.id,
+                                data: {key: key},
+                            },
+                        },
+                        options
+                    );
+                }
+            }
+
+            // Re-encrypt the fields
+            for (const field of record.data.field_ids.data) {
+                const val = await utils.sym_decrypt(
+                    current_key,
+                    field.data.value,
+                    field.data.iv
+                );
+                const iv = utils.generate_iv_base64();
+                const encrypted = await utils.sym_encrypt(master_key, val, iv);
+
+                await this._applyChanges(
+                    record.id,
+                    {
+                        field_ids: {
+                            operation: "UPDATE",
+                            id: field.id,
+                            data: {value: encrypted, iv: iv},
+                        },
+                    },
+                    options
+                );
+            }
+
+            // Re-encrypt the files
+            for (const file of record.data.file_ids.data) {
+                const val = await utils.sym_decrypt(
+                    current_key,
+                    file.data.content,
+                    file.data.iv
+                );
+                const iv = utils.generate_iv_base64();
+                const encrypted = await utils.sym_encrypt(master_key, val, iv);
+
+                await this._applyChanges(
+                    record.id,
+                    {
+                        file_ids: {
+                            operation: "UPDATE",
+                            id: file.id,
+                            data: {content: encrypted, iv: iv},
+                        },
+                    },
+                    options
+                );
+            }
+        },
+
+        /**
+         * Handle changes to the vault properly and call the specific function for the cases above.
+         * Generate a master key if there is not one yet
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _applyChangesVault: async function (record, changes, options) {
+            if (!record.data.master_key && !changes.master_key) {
+                const master_key = await vault.wrap(await utils.generate_key());
+                await this._applyChanges(record.id, {master_key: master_key}, options);
+            }
+
+            if (changes.right_ids && changes.right_ids.operation === "UPDATE")
+                await this._changedVaultRightUser(record, changes.right_ids, options);
+
+            if (changes.right_ids && changes.right_ids.operation === "DELETE") {
+                const self = this;
+
+                Dialog.confirm(
+                    self,
+                    _t(
+                        "This will re-encrypt everything in the vault. Do you want to proceed?"
+                    ),
+                    {
+                        confirm_callback: async function () {
+                            await this._deleteVaultRight(
+                                record,
+                                changes.right_ids,
+                                options
+                            );
+                        },
+                    }
+                );
+            }
+        },
+
+        /**
+         * Call the right importer in the import wizard onchange of the content field
+         *
+         * @private
+         * @param {Object} record
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _applyChangesImportWizard: async function (record, changes, options) {
+            if (!changes.content) return;
+
+            // Try to import the file on the fly and store the compatible JSON in the
+            // crypted_content field for the python backend
+            const importer = new Importer();
+            const data = await importer.import(
+                await vault.unwrap(record.data.master_key),
+                record.data.name,
+                atob(changes.content)
+            );
+
+            if (data)
+                await this._applyChanges(
+                    record.id,
+                    {crypted_content: JSON.stringify(data)},
+                    options
+                );
+        },
+
+        /**
+         * Check the model of the form and call the above functions for the right case
+         *
+         * @private
+         * @param {String} dataPointID
+         * @param {Object} changes
+         * @param {Object} options
+         */
+        _applyChanges: async function (dataPointID, changes, options) {
+            const result = await this._super.apply(this, arguments);
+
+            const record = this.model.get(dataPointID);
+            if (record.model === "vault")
+                await this._applyChangesVault(record, changes, options);
+            else if (record.model === "vault.send.wizard")
+                await this._applyChangesSendWizard(record, changes, options);
+            else if (record.model === "vault.store.wizard")
+                await this._applyChangesStoreWizard(record, changes, options);
+            else if (record.model === "vault.import.wizard")
+                await this._applyChangesImportWizard(record, changes, options);
+
+            return result;
+        },
+    });
+});
diff --git a/vault/static/src/js/vault_export.js b/vault/static/src/js/vault_export.js
new file mode 100644
index 0000000000..79f2f3885c
--- /dev/null
+++ b/vault/static/src/js/vault_export.js
@@ -0,0 +1,134 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.export", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var mixins = require("web.mixins");
+    var utils = require("vault.utils");
+
+    var _t = core._t;
+
+    // This class handles the export to different formats by using a standardize
+    // JSON formatted data generated by the python backend.
+    //
+    // JSON format description:
+    //
+    // Entries are represented as objects with the following attributes
+    //  `name`, `uuid`, `url`, `note`
+    //     Specific fields of the entry. `uuid` is used for updating existing records
+    //  `childs`
+    //     Child entries
+    //  `fields`, `files`
+    //     List of encypted fields/files with `name`, `iv`, and `value`
+    //
+    var VaultExporter = core.Class.extend(mixins.EventDispatcherMixin, {
+        /**
+         * Encrypt a field of the above format properly for the backend to store.
+         * The changes are done inplace.
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} node
+         */
+        _export_json_entry: async function (master_key, node) {
+            const fields = [];
+            for (const field of node.fields || [])
+                fields.push({
+                    name: field.name,
+                    value: await utils.sym_decrypt(master_key, field.value, field.iv),
+                });
+
+            const files = [];
+            for (const file of node.files || [])
+                files.push({
+                    name: file.name,
+                    value: await utils.sym_decrypt(master_key, file.value, file.iv),
+                });
+
+            const childs = [];
+            for (const entry of node.childs || [])
+                childs.push(await this._export_json_entry(master_key, entry));
+
+            return {
+                name: node.name || "",
+                uuid: node.uuid || null,
+                url: node.url || "",
+                note: node.note || "",
+                childs: childs,
+                fields: fields,
+                files: files,
+            };
+        },
+
+        /**
+         * Decrypt the data fro the JSON export.
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} data
+         * @returns the encrypted entry for the database
+         */
+        _export_json_data: async function (master_key, data) {
+            const result = [];
+            for (const node of data)
+                result.push(await this._export_json_entry(master_key, node));
+            return JSON.stringify(result);
+        },
+
+        /**
+         * Export using JSON format. The database is stored in the `data` field of the JSON
+         * type and is an encrypted JSON object. For the encryption the needed encryption
+         * parameter `iv`, `salt` and `iterations` are stored in the file.
+         * This will add `iv` to fields and files and encrypt the `value`
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} data
+         * @returns the encrypted entry for the database
+         */
+        _export_json: async function (master_key, data) {
+            // Get the password for the exported file from the user
+            const askpass = await utils.askpass(
+                _t("Please enter the password for the database")
+            );
+            let password = askpass.password || "";
+            if (askpass.keyfile)
+                password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+            const iv = utils.generate_iv_base64();
+            const salt = utils.generate_bytes(utils.SaltLength).buffer;
+            const iterations = 4000;
+            const key = await utils.derive_key(password, salt, iterations);
+
+            // Unwrap the master key and decrypt the entries
+            const content = await this._export_json_data(master_key, JSON.parse(data));
+            return {
+                type: "encrypted",
+                iv: iv,
+                salt: utils.toBase64(salt),
+                data: await utils.sym_encrypt(key, content, iv),
+                iterations: iterations,
+            };
+        },
+
+        /**
+         * The main export functions which checks the file ending and calls the right function
+         * to handle the rest of the export
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} filename
+         * @param {String} content
+         * @returns the data importable by the backend or false on error
+         */
+        export: async function (master_key, filename, content) {
+            if (filename.endsWith(".json"))
+                return await this._export_json(master_key, content);
+            return false;
+        },
+    });
+
+    return VaultExporter;
+});
diff --git a/vault/static/src/js/vault_import.js b/vault/static/src/js/vault_import.js
new file mode 100644
index 0000000000..5cdd8ee302
--- /dev/null
+++ b/vault/static/src/js/vault_import.js
@@ -0,0 +1,259 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+/* global kdbxweb */
+
+odoo.define("vault.import", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var framework = require("web.framework");
+    var mixins = require("web.mixins");
+    var utils = require("vault.utils");
+
+    var _t = core._t;
+
+    async function encrypted_field(master_key, name, value) {
+        if (!value) return null;
+
+        const iv = utils.generate_iv_base64();
+        return {
+            name: name,
+            iv: iv,
+            value: await utils.sym_encrypt(master_key, value, iv),
+        };
+    }
+
+    // This class handles the import from different formats by returning
+    // an importable JSON formatted data which will be handled by the python
+    // backend.
+    //
+    // JSON format description:
+    //
+    // Entries are represented as objects with the following attributes
+    //  `name`, `uuid`, `url`, `note`
+    //     Specific fields of the entry. `uuid` is used for updating existing records
+    //  `childs`
+    //     Child entries
+    //  `fields`, `files`
+    //     List of encypted fields/files with `name`, `iv`, and `value`
+    //
+    var VaultImporter = core.Class.extend(mixins.EventDispatcherMixin, {
+        /**
+         * Encrypt a field of the above format properly for the backend to store.
+         * The changes are done inplace.
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} node
+         */
+        _import_json_entry: async function (master_key, node) {
+            for (const field of node.fields || []) {
+                field.iv = utils.generate_iv_base64();
+                field.value = await utils.sym_encrypt(
+                    master_key,
+                    field.value,
+                    field.iv
+                );
+            }
+
+            for (const file of node.files || []) {
+                file.iv = utils.generate_iv_base64();
+                file.value = await utils.sym_encrypt(master_key, file.value, file.iv);
+            }
+
+            for (const entry of node.childs || [])
+                await this._import_json_entry(master_key, entry);
+        },
+
+        /**
+         * Encrypt the data from the JSON import. This will add `iv` to fields and files
+         * and encrypt the `value`
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} data
+         * @returns the encrypted entry for the database
+         */
+        _import_json_data: async function (master_key, data) {
+            for (const node of data) await this._import_json_entry(master_key, node);
+            return data;
+        },
+
+        /**
+         * Load from an encrypted JSON file. Encrypt the data with similar format as
+         * described above. This will add `iv` to fields and files and encrypt the `value`
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} content
+         * @returns the encrypted entry for the database
+         */
+        _import_encrypted_json: async function (master_key, content) {
+            const askpass = await utils.askpass(
+                _t("Please enter the password for the database")
+            );
+            let password = askpass.password || "";
+            if (askpass.keyfile)
+                password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+            const key = await utils.derive_key(
+                password,
+                utils.fromBase64(content.salt),
+                content.iterations
+            );
+            const result = await utils.sym_decrypt(key, content.data, content.iv);
+            return await this._import_json_data(master_key, JSON.parse(result));
+        },
+
+        /**
+         * Import using JSON format. The database is stored in the `data` field of the JSON
+         * type and is either a JSON object or an encrypted JSON object. For the encryption
+         * the needed encryption parameter `iv`, `salt` and `iterations` are stored in the
+         * file. This will add `iv` to fields and files and encrypt the `value`
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} data
+         * @returns the encrypted entry for the database
+         */
+        _import_json: async function (master_key, data) {
+            // Unwrap the master key and encrypt the entries
+            const result = JSON.parse(data);
+            switch (result.type) {
+                case "encrypted":
+                    return await this._import_encrypted_json(master_key, result);
+                case "raw":
+                    return await this._import_json_data(master_key, result.data);
+            }
+
+            throw Error(_t("Unsupported file to import"));
+        },
+
+        /**
+         * Encrypt an entry from the kdbx file properly for the backend to store
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} entry
+         * @returns the encrypted entry for the database
+         */
+        _import_kdbx_entry: async function (master_key, entry) {
+            let pass = entry.fields.Password;
+            if (pass) pass = pass.getText();
+
+            const res = {
+                uuid: entry.uuid && entry.uuid.id,
+                note: entry.fields.Notes,
+                name: entry.fields.Title,
+                url: entry.fields.URL,
+                fields: [
+                    await encrypted_field(
+                        master_key,
+                        "Username",
+                        entry.fields.UserName
+                    ),
+                    await encrypted_field(master_key, "Password", pass),
+                ],
+                files: [],
+            };
+
+            for (const name in entry.binaries)
+                res.files.push(
+                    await encrypted_field(
+                        master_key,
+                        name,
+                        utils.toBase64(entry.binaries[name].value)
+                    )
+                );
+
+            return res;
+        },
+
+        /**
+         * Handle a kdbx group entry by creating an sub-entry and calling the right functions
+         * on the childs
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {Object} group
+         * @returns the encrypted entry for the database
+         */
+        _import_kdbx_group: async function (master_key, group) {
+            const res = {
+                uuid: group.uuid && group.uuid.id,
+                name: group.name,
+                note: group.notes,
+                childs: [],
+            };
+
+            for (const sub_group of group.groups || [])
+                res.childs.push(await this._import_kdbx_group(master_key, sub_group));
+
+            for (const entry of group.entries || [])
+                res.childs.push(await this._import_kdbx_entry(master_key, entry));
+
+            return res;
+        },
+
+        /**
+         * Load a kdbx file, encrypt the data, and return in the described JSON format
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} data
+         * @returns the encrypted data for the backend
+         */
+        _import_kdbx: async function (master_key, data) {
+            // Get the credentials of the keepass database
+            const askpass = await utils.askpass(
+                _t("Please enter the password for the keepass database")
+            );
+
+            // TODO: challenge-response
+            const credentials = new kdbxweb.Credentials(
+                (askpass.password &&
+                    kdbxweb.ProtectedValue.fromString(askpass.password)) ||
+                    null,
+                askpass.keyfile || null
+            );
+
+            // Convert the data to an ArrayBuffer
+            const buffer = utils.fromBinary(data);
+
+            // Decrypt the database
+            const db = await kdbxweb.Kdbx.load(buffer, credentials);
+
+            try {
+                // Unwrap the master key, format, and encrypt the database
+                framework.blockUI();
+                const result = [];
+                for (const group of db.groups)
+                    result.push(await this._import_kdbx_group(master_key, group));
+                return result;
+            } finally {
+                framework.unblockUI();
+            }
+        },
+
+        /**
+         * The main import functions which checks the file ending and calls the right function
+         * to handle the rest of the import
+         *
+         * @private
+         * @param {CryptoKey} master_key
+         * @param {String} filename
+         * @param {String} content
+         * @returns the data importable by the backend or false on error
+         */
+        import: async function (master_key, filename, content) {
+            if (filename.endsWith(".json"))
+                return await this._import_json(master_key, content);
+            else if (filename.endsWith(".kdbx"))
+                return await this._import_kdbx(master_key, content);
+            return false;
+        },
+    });
+
+    return VaultImporter;
+});
diff --git a/vault/static/src/js/vault_inbox.js b/vault/static/src/js/vault_inbox.js
new file mode 100644
index 0000000000..37ed894f96
--- /dev/null
+++ b/vault/static/src/js/vault_inbox.js
@@ -0,0 +1,78 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.inbox", function (require) {
+    "use strict";
+
+    require("web.dom_ready");
+    var utils = require("vault.utils");
+
+    var data = {};
+    var key = false;
+    var iv = false;
+
+    const fields = [
+        "key",
+        "iv",
+        "public",
+        "encrypted",
+        "secret",
+        "encrypted_file",
+        "filename",
+        "secret_file",
+    ];
+
+    function toggle_required(element, value) {
+        if (value) element.setAttribute("required", "required");
+        else element.removeAttribute("required");
+    }
+
+    // Encrypt the value and store it in the right input field
+    async function encrypt_and_store(value, target) {
+        // Find all the possible elements which are needed
+        for (const id of fields) if (!data[id]) data[id] = document.getElementById(id);
+
+        // We expect a public key here otherwise we can't procceed
+        if (!data.public.value) return;
+
+        const public_key = await utils.load_public_key(data.public.value);
+
+        // Create a new key if not already present
+        if (!key) {
+            key = await utils.generate_key();
+            data.key.value = await utils.wrap(key, public_key);
+        }
+
+        // Create a new IV if not already present
+        if (!iv) {
+            iv = utils.generate_iv_base64();
+            data.iv.value = iv;
+        }
+
+        // Encrypt the value symmetrically and store it in the field
+        const val = await utils.sym_encrypt(key, value, iv);
+        data[target].value = val;
+        return Boolean(val);
+    }
+
+    document.getElementById("secret").onchange = async function () {
+        if (!this.value) return;
+
+        const required = await encrypt_and_store(this.value, "encrypted");
+        toggle_required(data.secret, required);
+        toggle_required(data.secret_file, !required);
+    };
+
+    document.getElementById("secret_file").onchange = async function () {
+        if (!this.files.length) return;
+
+        const file = this.files[0];
+        const value = await file.text();
+        if (!value) return;
+
+        const required = await encrypt_and_store(value, "encrypted_file");
+        toggle_required(data.secret, !required);
+        toggle_required(data.secret_file, required);
+        data.filename.value = file.name;
+    };
+});
diff --git a/vault/static/src/js/vault_utils.js b/vault/static/src/js/vault_utils.js
new file mode 100644
index 0000000000..7f69772c79
--- /dev/null
+++ b/vault/static/src/js/vault_utils.js
@@ -0,0 +1,577 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+/* global Uint8Array */
+
+odoo.define("vault.utils", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var Dialog = require("web.Dialog");
+
+    var _t = core._t;
+    var qweb = core.qweb;
+
+    const CryptoAPI = window.crypto.subtle;
+
+    // Some basic constants used for the entire vaults
+    const AsymmetricName = "RSA-OAEP";
+    const Hash = "SHA-512";
+    const SymmetricName = "AES-GCM";
+
+    const HashLength = 10;
+    const IVLength = 12;
+    const SaltLength = 32;
+
+    const Asymmetric = {
+        name: AsymmetricName,
+        modulusLength: 4096,
+        publicExponent: new Uint8Array([1, 0, 1]),
+        hash: Hash,
+    };
+    const Symmetric = {
+        name: SymmetricName,
+        length: 256,
+    };
+
+    /**
+     * Converts an ArrayBuffer to an ASCII string
+     *
+     * @param {ArrayBuffer} buffer
+     * @returns the data converted to a string
+     */
+    function toBinary(buffer) {
+        if (!buffer) return "";
+
+        const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
+            return String.fromCharCode(b);
+        });
+        return chars.join("");
+    }
+
+    /**
+     * Converts an ASCII string to an ArrayBuffer
+     *
+     * @param {String} binary
+     * @returns the data converted to an ArrayBuffer
+     */
+    function fromBinary(binary) {
+        const len = binary.length;
+        const bytes = new Uint8Array(len);
+        for (let i = 0; i < len; i++) bytes[i] = binary.charCodeAt(i);
+        return bytes.buffer;
+    }
+
+    /**
+     * Converts an ArrayBuffer to a Base64 encoded string
+     *
+     * @param {ArrayBuffer} buffer
+     * @returns Base64 string
+     */
+    function toBase64(buffer) {
+        if (!buffer) return "";
+
+        const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
+            return String.fromCharCode(b);
+        });
+        return btoa(chars.join(""));
+    }
+
+    /**
+     * Converts an Base64 encoded string to an ArrayBuffer
+     *
+     * @param {String} base64
+     * @returns the data converted to an ArrayBuffer
+     */
+    function fromBase64(base64) {
+        if (!base64) {
+            const bytes = new Uint8Array(0);
+            return bytes.buffer;
+        }
+
+        const binary_string = atob(base64);
+        const len = binary_string.length;
+        const bytes = new Uint8Array(len);
+        for (let i = 0; i < len; i++) bytes[i] = binary_string.charCodeAt(i);
+        return bytes.buffer;
+    }
+
+    /**
+     * Generate random bytes used for salts or IVs
+     *
+     * @param {int} length
+     * @returns an array with length random bytes
+     */
+    function generate_bytes(length) {
+        const buf = new Uint8Array(length);
+        window.crypto.getRandomValues(buf);
+        return buf;
+    }
+
+    /**
+     * Generate random bytes used for salts or IVs encoded as base64
+     *
+     * @returns base64 string
+     */
+    function generate_iv_base64() {
+        return toBase64(generate_bytes(IVLength));
+    }
+
+    /**
+     * Generate a random secret with specific characters
+     *
+     * @param {int} length
+     * @param {String} characters
+     * @returns base64 string
+     */
+    function generate_secret(length, characters) {
+        let result = "";
+        const len = characters.length;
+        for (const k of generate_bytes(length))
+            result += characters[Math.floor((len * k) / 256)];
+        return result;
+    }
+
+    /**
+     * Generate a symmetric key for encrypting and decrypting
+     *
+     * @returns symmetric key
+     */
+    async function generate_key() {
+        return await CryptoAPI.generateKey(Symmetric, true, ["encrypt", "decrypt"]);
+    }
+
+    /**
+     * Generate an asymmetric key pair for encrypting, decrypting, wrapping and unwrapping
+     *
+     * @returns asymmetric key
+     */
+    async function generate_key_pair() {
+        return await CryptoAPI.generateKey(Asymmetric, true, [
+            "wrapKey",
+            "unwrapKey",
+            "decrypt",
+            "encrypt",
+        ]);
+    }
+
+    /**
+     * Generate a hash of the given data
+     *
+     * @param {String} data
+     * @returns base64 encoded hash of the data
+     */
+    async function digest(data) {
+        const encoder = new TextEncoder();
+        return toBase64(await CryptoAPI.digest(Hash, encoder.encode(data)));
+    }
+
+    /**
+     * Ask the user to enter a password using a dialog
+     *
+     * @param {String} title of the dialog
+     * @param {Object} options
+     * @returns promise
+     */
+    function askpass(title, options = {}) {
+        var self = this;
+
+        if (options.password === undefined) options.password = true;
+        if (options.keyfile === undefined) options.keyfile = true;
+
+        return new Promise((resolve, reject) => {
+            var dialog = new Dialog(self, {
+                title: title,
+                $content: $(qweb.render("vault.askpass", options)),
+                buttons: [
+                    {
+                        text: _t("Enter"),
+                        classes: "btn-primary",
+                        click: async function () {
+                            const password = this.$("#password").val();
+                            const keyfile = this.$("#keyfile")[0].files[0];
+
+                            if (!password && !keyfile) {
+                                Dialog.alert(this, _t("Missing password"));
+                                return;
+                            }
+
+                            if (options.confirm) {
+                                const confirm = this.$("#confirm").val();
+
+                                if (confirm !== password) {
+                                    Dialog.alert(
+                                        this,
+                                        _t("The passwords aren't matching")
+                                    );
+                                    return;
+                                }
+                            }
+
+                            dialog.close();
+
+                            let keyfile_content = null;
+                            if (keyfile)
+                                keyfile_content = fromBinary(await keyfile.text());
+
+                            resolve({
+                                password: password,
+                                keyfile: keyfile_content,
+                            });
+                        },
+                    },
+                    {
+                        text: _t("Cancel"),
+                        click: function () {
+                            dialog.close();
+                            reject(_t("Cancelled"));
+                        },
+                    },
+                ],
+            });
+
+            dialog.open();
+        });
+    }
+
+    /**
+     * Ask the user to enter a password using a dialog
+     *
+     * @param {String} title of the dialog
+     * @param {Object} options
+     * @returns promise
+     */
+    function generate_pass(title, options = {}) {
+        var self = this;
+
+        const $content = $(qweb.render("vault.generate_pass", options));
+        const $password = $content.find("#password")[0];
+        const $length = $content.find("#length")[0];
+        const $big = $content.find("#big_letter")[0];
+        const $small = $content.find("#small_letter")[0];
+        const $digits = $content.find("#digits")[0];
+        const $special = $content.find("#special")[0];
+        var password = null;
+
+        function gen_pass() {
+            let characters = "";
+            if ($big.checked) characters += "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+            if ($small.checked) characters += "abcdefghijklmnopqrstuvwxyz";
+            if ($digits.checked) characters += "0123456789";
+            if ($special.checked) characters += "!?$%&/()[]{}|<>,;.:-_#+*\\";
+
+            if (characters)
+                $password.innerHTML = password = generate_secret(
+                    $length.value,
+                    characters
+                );
+        }
+
+        $length.onchange = $big.onchange = $small.onchange = $digits.onchange = $special.onchange = gen_pass;
+
+        gen_pass();
+
+        return new Promise((resolve, reject) => {
+            var dialog = new Dialog(self, {
+                title: title,
+                $content: $content,
+                buttons: [
+                    {
+                        text: _t("Enter"),
+                        classes: "btn-primary",
+                        click: async function () {
+                            if (!password) throw new Error(_t("Missing password"));
+
+                            dialog.close();
+                            resolve(password);
+                        },
+                    },
+                    {
+                        text: _t("Cancel"),
+                        click: function () {
+                            dialog.close();
+                            reject(_t("Cancelled"));
+                        },
+                    },
+                ],
+            });
+
+            dialog.open();
+        });
+    }
+
+    /**
+     * Derive a key using the given data, salt and iterations using PBKDF2
+     *
+     * @param {String} data
+     * @param {String} salt
+     * @param {int} iterations
+     * @returns the derived key
+     */
+    async function derive_key(data, salt, iterations) {
+        const enc = new TextEncoder();
+        const material = await CryptoAPI.importKey(
+            "raw",
+            enc.encode(data),
+            "PBKDF2",
+            false,
+            ["deriveBits", "deriveKey"]
+        );
+
+        return await CryptoAPI.deriveKey(
+            {
+                name: "PBKDF2",
+                salt: salt,
+                iterations: iterations,
+                hash: Hash,
+            },
+            material,
+            Symmetric,
+            false,
+            ["wrapKey", "unwrapKey", "encrypt", "decrypt"]
+        );
+    }
+
+    /**
+     * Encrypt the data using a public key
+     *
+     * @param {CryptoKey} public_key
+     * @param {String} data
+     * @returns the encrypted data
+     */
+    async function asym_encrypt(public_key, data) {
+        if (!data) return data;
+
+        const enc = new TextEncoder();
+        return toBase64(
+            await CryptoAPI.encrypt(
+                {name: AsymmetricName},
+                public_key,
+                enc.encode(data)
+            )
+        );
+    }
+
+    /**
+     * Decrypt the data using the own private key
+     *
+     * @param {CryptoKey} private_key
+     * @param {String} crypted
+     * @returns the decrypted data
+     */
+    async function asym_decrypt(private_key, crypted) {
+        if (!crypted) return crypted;
+
+        const dec = new TextDecoder();
+        return dec.decode(
+            await CryptoAPI.decrypt(
+                {name: AsymmetricName},
+                private_key,
+                fromBase64(crypted)
+            )
+        );
+    }
+
+    /**
+     * Symmetrically encrypt the data using a master key
+     *
+     * @param {CryptoKey} key
+     * @param {String} data
+     * @param {String} iv
+     * @returns the encrypted data
+     */
+    async function sym_encrypt(key, data, iv) {
+        if (!data) return data;
+
+        const hash = await digest(data);
+        const enc = new TextEncoder();
+        return toBase64(
+            await CryptoAPI.encrypt(
+                {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+                key,
+                enc.encode(hash.slice(0, HashLength) + data)
+            )
+        );
+    }
+
+    /**
+     * Symmetrically decrypt the data using a master key
+     *
+     * @param {CryptoKey} key
+     * @param {String} crypted
+     * @param {String} iv
+     * @returns the decrypted data
+     */
+    async function sym_decrypt(key, crypted, iv) {
+        if (!crypted) return crypted;
+
+        try {
+            const dec = new TextDecoder();
+            const message = dec.decode(
+                await CryptoAPI.decrypt(
+                    {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+                    key,
+                    fromBase64(crypted)
+                )
+            );
+
+            const data = message.slice(HashLength);
+            const hash = await digest(data);
+            // Compare the hash and return if integer
+            if (hash.slice(0, HashLength) === message.slice(0, HashLength)) return data;
+
+            console.error("Invalid data hash");
+            // Wrong hash
+            return null;
+        } catch (err) {
+            console.error(err);
+            return null;
+        }
+    }
+
+    /**
+     * Load a public key
+     *
+     * @param {String} public_key
+     * @returns the public key as CryptoKey
+     */
+    async function load_public_key(public_key) {
+        return await CryptoAPI.importKey(
+            "spki",
+            fromBase64(public_key),
+            Asymmetric,
+            true,
+            ["wrapKey", "encrypt"]
+        );
+    }
+
+    /**
+     * Load a private key
+     *
+     * @param {String} private_key
+     * @param {CryptoKey} key
+     * @param {String} iv
+     * @returns the private key as CryptoKey
+     */
+    async function load_private_key(private_key, key, iv) {
+        return await CryptoAPI.unwrapKey(
+            "pkcs8",
+            fromBase64(private_key),
+            key,
+            {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+            Asymmetric,
+            true,
+            ["unwrapKey", "decrypt"]
+        );
+    }
+
+    /**
+     * Export a public key in spki format
+     *
+     * @param {CryptoKey} public_key
+     * @returns the public key as string
+     */
+    async function export_public_key(public_key) {
+        return toBase64(await CryptoAPI.exportKey("spki", public_key));
+    }
+
+    /**
+     * Export a private key in pkcs8 format
+     *
+     * @param {String} private_key
+     * @param {CryptoKey} key
+     * @param {String} iv
+     * @returns the public key as CryptoKey
+     */
+    async function export_private_key(private_key, key, iv) {
+        return toBase64(
+            await CryptoAPI.wrapKey("pkcs8", private_key, key, {
+                name: SymmetricName,
+                iv: iv,
+                tagLength: 128,
+            })
+        );
+    }
+
+    /**
+     * Wrap the master key with the own public key
+     *
+     * @param {CryptoKey} key
+     * @param {CryptoKey} public_key
+     * @returns wrapped master key
+     */
+    async function wrap(key, public_key) {
+        return toBase64(await CryptoAPI.wrapKey("raw", key, public_key, Asymmetric));
+    }
+
+    /**
+     * Unwrap the master key with the own private key
+     *
+     * @param {CryptoKey} key
+     * @param {CryptoKey} private_key
+     * @returns unwrapped master key
+     */
+    async function unwrap(key, private_key) {
+        return await CryptoAPI.unwrapKey(
+            "raw",
+            fromBase64(key),
+            private_key,
+            Asymmetric,
+            Symmetric,
+            true,
+            ["encrypt", "decrypt"]
+        );
+    }
+
+    /**
+     * Capitalize each word of the string
+     *
+     * @param {String} s
+     * @returns capitalized string
+     */
+    function capitalize(s) {
+        return s.toLowerCase().replace(/\b\w/g, function (c) {
+            return c.toUpperCase();
+        });
+    }
+
+    return {
+        // Constants
+        Asymmetric: Asymmetric,
+        AsymmetricName: AsymmetricName,
+        Hash: Hash,
+        HashLength: HashLength,
+        IVLength: IVLength,
+        SaltLength: SaltLength,
+        Symmetric: Symmetric,
+        SymmetricName: SymmetricName,
+
+        // Crypto utility functions
+        askpass: askpass,
+        asym_decrypt: asym_decrypt,
+        asym_encrypt: asym_encrypt,
+        derive_key: derive_key,
+        digest: digest,
+        export_private_key: export_private_key,
+        export_public_key: export_public_key,
+        generate_bytes: generate_bytes,
+        generate_iv_base64: generate_iv_base64,
+        generate_key: generate_key,
+        generate_key_pair: generate_key_pair,
+        generate_pass: generate_pass,
+        generate_secret: generate_secret,
+        load_private_key: load_private_key,
+        load_public_key: load_public_key,
+        sym_decrypt: sym_decrypt,
+        sym_encrypt: sym_encrypt,
+        unwrap: unwrap,
+        wrap: wrap,
+
+        // Utility functions
+        capitalize: capitalize,
+        fromBase64: fromBase64,
+        fromBinary: fromBinary,
+        toBase64: toBase64,
+        toBinary: toBinary,
+    };
+});
diff --git a/vault/static/src/js/vault_widget.js b/vault/static/src/js/vault_widget.js
new file mode 100644
index 0000000000..5ef07b0429
--- /dev/null
+++ b/vault/static/src/js/vault_widget.js
@@ -0,0 +1,544 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+/* global ArrayBuffer, Uint8Array */
+
+odoo.define("vault.fields", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var basic_fields = require("web.basic_fields");
+    var download = require("web.download");
+    var Exporter = require("vault.export");
+    var registry = require("web.field_registry");
+    var utils = require("vault.utils");
+    var vault = require("vault");
+
+    var _t = core._t;
+    var QWeb = core.qweb;
+
+    var VaultAbstract = {
+        /**
+         * Set the value by encrypting it
+         *
+         * @param {String} value
+         * @param {Object} options
+         * @returns promise for the encryption
+         */
+        _setValue: function (value, options) {
+            const self = this;
+            const _super = this._super;
+            return this._encrypt(value).then(function (data) {
+                _super.call(self, data, options);
+            });
+        },
+
+        /**
+         * Set the value of a different field
+         *
+         * @param {String} field
+         * @param {String} value
+         */
+        _setFieldValue: function (field, value) {
+            const data = {};
+            data[field] = value;
+
+            this.trigger_up("field_changed", {
+                dataPointID: this.dataPointID,
+                changes: data,
+            });
+        },
+
+        /**
+         * Extract the IV or generate a new one if needed
+         *
+         * @returns the IV to use
+         */
+        _getIV: function () {
+            // IV already read. Reuse it
+            if (this.iv) return this.iv;
+
+            // Read the IV from the field
+            this.iv = this.recordData[this.field_iv];
+            if (this.iv) return this.iv;
+
+            // Generate a new IV
+            this.iv = utils.generate_iv_base64();
+            this._setFieldValue(this.field_iv, this.iv);
+            return this.iv;
+        },
+
+        /**
+         * Extract the master key of the vault or generate a new one
+         *
+         * @returns the master key to use
+         */
+        _getMasterKey: async function () {
+            // Check if the master key is already extracted
+            if (this.key) return await vault.unwrap(this.key);
+
+            // Get the wrapped master key from the field
+            this.key = this.recordData[this.field_key];
+            if (this.key) return await vault.unwrap(this.key);
+
+            // Generate a new master key and write it to the field
+            const key = await utils.generate_key();
+            this.key = await vault.wrap(key);
+            this._setFieldValue(this.field_key, this.key);
+            return key;
+        },
+
+        /**
+         * Toggle if the value is shown or hidden, and decrypt the value if shown
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onShowValue: async function (ev) {
+            ev.stopPropagation();
+
+            this.decrypted = !this.decrypted;
+            if (this.decrypted) this.decrypted_value = await this._decrypt(this.value);
+            else this.decrypted_value = false;
+
+            this._render();
+        },
+
+        /**
+         * Copy the decrypted value to the clipboard
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onCopyValue: async function (ev) {
+            ev.stopPropagation();
+
+            const value = await this._decrypt(this.value);
+            await navigator.clipboard.writeText(value);
+        },
+
+        /**
+         * Send the value with an internal user
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onSendValue: async function (ev) {
+            ev.stopPropagation();
+
+            const key = await utils.generate_key();
+            const iv = utils.generate_iv_base64();
+            const value = await this._decrypt(this.value);
+
+            this.do_action({
+                type: "ir.actions.act_window",
+                title: _t("Send the secret to another user"),
+                target: "new",
+                res_model: "vault.send.wizard",
+                views: [[false, "form"]],
+                context: {
+                    default_secret: await utils.sym_encrypt(key, value, iv),
+                    default_iv: iv,
+                    default_key: await vault.wrap(key),
+                },
+            });
+        },
+
+        /**
+         * Save the content in an entry of a vault
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onSaveValue: async function (ev) {
+            ev.stopPropagation();
+
+            const key = await utils.generate_key();
+            const iv = utils.generate_iv_base64();
+            const value = await this._decrypt(this.value);
+            const store_model = this.store_model || "vault.field";
+
+            this.do_action({
+                type: "ir.actions.act_window",
+                title: _t("Store the secret in a vault"),
+                target: "new",
+                res_model: "vault.store.wizard",
+                views: [[false, "form"]],
+                context: {
+                    default_model: store_model,
+                    default_secret_temporary: await utils.sym_encrypt(key, value, iv),
+                    default_iv: iv,
+                    default_key: await vault.wrap(key),
+                },
+            });
+        },
+
+        /**
+         * Decrypt data with the master key stored in the vault
+         *
+         * @param {String} data
+         * @returns the decrypted data
+         */
+        _decrypt: async function (data) {
+            const iv = this._getIV();
+            const key = await this._getMasterKey();
+            return await utils.sym_decrypt(key, data, iv);
+        },
+
+        /**
+         * Encrypt data with the master key stored in the vault
+         *
+         * @param {String} data
+         * @returns the encrypted data
+         */
+        _encrypt: async function (data) {
+            const iv = this._getIV();
+            const key = await this._getMasterKey();
+            return await utils.sym_encrypt(key, data, iv);
+        },
+    };
+
+    // Basic field widget of the vault
+    var VaultField = basic_fields.InputField.extend(VaultAbstract, {
+        supportedFieldTypes: ["char"],
+        tagName: "div",
+        events: _.extend({}, basic_fields.InputField.prototype.events, {
+            "click .o_vault_show": "_onShowValue",
+            "click .o_vault_clipboard": "_onCopyValue",
+            "click .o_vault_generate": "_onGenerateValue",
+            "click .o_vault_send": "_onSendValue",
+        }),
+        className: "o_vault o_field_char",
+        template: "FieldVault",
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_key = this.attrs.key || "master_key";
+            this.field_iv = this.attrs.iv || "iv";
+            this.decrypted = false;
+        },
+
+        /**
+         * Generate a secret
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onGenerateValue: async function (ev) {
+            ev.stopPropagation();
+
+            const password = await utils.generate_pass();
+            this.$el.find("input.o_vault_value")[0].value = password;
+            this._setValue(password, {});
+        },
+
+        /**
+         * Render the decrypted value or the stars
+         *
+         * @private
+         */
+        _renderReadonly: function () {
+            this._renderValue(this.decrypted_value || "********");
+        },
+
+        /**
+         * Adapt the maxlength
+         *
+         * @private
+         * @override
+         */
+        _renderEdit: function () {
+            if (this.field.size && this.field.size > 0)
+                this.$el.attr("maxlength", this.field.size);
+            return this._super.apply(this, arguments);
+        },
+
+        /**
+         * Render the decrypted value or the stars
+         *
+         * @private
+         * @param {String} value to render
+         */
+        _renderValue: function (value) {
+            this.$el.html(
+                QWeb.render(this.template, {
+                    widget: self,
+                    value: value,
+                    show: !this.decrypted,
+                })
+            );
+        },
+
+        /**
+         * Decrypt the value and show in edit mode
+         *
+         * @private
+         * @param {JQuery} $input
+         * @returns the element
+         */
+        _prepareInput: function ($input) {
+            const self = this;
+            const inputAttrs = {
+                placeholder: self.attrs.placeholder || "",
+                type: "text",
+            };
+            this.$input = $input || $("<input/>");
+            this.$input.addClass("o_input");
+            this.$input.attr(inputAttrs);
+
+            this._decrypt(this.value).then(function (data) {
+                self.$input.val(self._formatValue(data));
+            });
+
+            return this.$input;
+        },
+
+        /**
+         * @override
+         * @returns {String} the content of the input
+         */
+        _getValue: function () {
+            return this.$("input").val();
+        },
+    });
+
+    // Widget used for using encrypted files
+    var VaultFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
+        className: "o_vault",
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_key = this.attrs.key || "master_key";
+            this.field_iv = this.attrs.iv || "iv";
+        },
+
+        /**
+         * Handle on save correctly by decrypting the value before and starting the download
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        on_save_as: async function (ev) {
+            if (!this.value) {
+                this.do_warn(
+                    _t("Save As..."),
+                    _t("The field is empty, there's nothing to save!")
+                );
+                ev.stopPropagation();
+            } else if (this.res_id) {
+                ev.stopPropagation();
+
+                const filename_fieldname = this.attrs.filename;
+                const base64 = atob(await this._decrypt(this.value));
+                const buffer = new ArrayBuffer(base64.length);
+                const arr = new Uint8Array(buffer);
+                for (let i = 0; i < base64.length; i++) arr[i] = base64.charCodeAt(i);
+
+                const blob = new Blob([arr]);
+                download(blob, this.recordData[filename_fieldname] || "");
+            }
+        },
+    });
+
+    // Widget used for using export
+    var VaultExportFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
+        className: "o_vault",
+        events: _.extend({}, basic_fields.AbstractFieldBinary.prototype.events, {
+            click: function (event) {
+                if (this.mode === "readonly" && this.value) this.on_save_as(event);
+            },
+            "click .o_input": function () {
+                this.$(".o_input_file").click();
+            },
+        }),
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_key = this.attrs.key || "master_key";
+        },
+
+        /**
+         * Render the widget always like the normal widget in readonly mode
+         *
+         * @private
+         * @override
+         */
+        _render: function () {
+            if (this.value) {
+                this.$el.empty().append($("<span/>").addClass("fa fa-download"));
+                this.$el.css("cursor", "pointer");
+
+                if (this.filename_value) this.$el.append(" " + this.filename_value);
+            } else this.$el.css("cursor", "not-allowed");
+        },
+
+        /**
+         * Handle on save correctly by decrypting the value before and starting the download
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        on_save_as: async function (ev) {
+            if (this.value) {
+                ev.stopPropagation();
+
+                const exporter = new Exporter();
+                const content = JSON.stringify(
+                    await exporter.export(
+                        await this._getMasterKey(),
+                        this.filename_value,
+                        this.value
+                    )
+                );
+                const buffer = new ArrayBuffer(content.length);
+                const arr = new Uint8Array(buffer);
+                for (let i = 0; i < content.length; i++) arr[i] = content.charCodeAt(i);
+
+                const blob = new Blob([arr]);
+                download(blob, this.filename_value || "");
+            } else {
+                this.do_warn(
+                    _t("Save As..."),
+                    _t("The field is empty, there's nothing to save!")
+                );
+                ev.stopPropagation();
+            }
+        },
+    });
+
+    var VaultInboxField = VaultField.extend(VaultAbstract, {
+        store_model: "vault.field",
+        events: _.extend({}, VaultField.prototype.events, {
+            "click .o_vault_show": "_onShowValue",
+            "click .o_vault_clipboard": "_onCopyValue",
+            "click .o_vault_save": "_onSaveValue",
+        }),
+        template: "FieldVaultInbox",
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_iv = this.attrs.iv || "iv";
+            this.field_key = this.attrs.key || "key";
+            this.decrypted = false;
+        },
+
+        /**
+         * Decrypt the data with the private key of the vault
+         *
+         * @private
+         * @param {String} data
+         * @returns the decrypted data
+         */
+        _decrypt: async function (data) {
+            const iv = this.recordData[this.field_iv];
+            const wrapped_key = this.recordData[this.field_key];
+
+            if (!iv || !wrapped_key) return false;
+
+            const key = await vault.unwrap(wrapped_key);
+            return await utils.sym_decrypt(key, data, iv);
+        },
+
+        /**
+         * Render the decrypted value or the stars
+         *
+         * @private
+         */
+        _renderEdit: function () {
+            this._renderReadonly();
+        },
+    });
+
+    // Widget used to view shared incoming secrets encrypted with public keys
+    var VaultInboxFile = VaultFile.extend(VaultAbstract, {
+        store_model: "vault.file",
+        template: "FileVaultInbox",
+        events: _.extend({}, VaultFile.prototype.events, {
+            "click .o_vault_save": "_onSaveValue",
+        }),
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_key = this.attrs.key || "key";
+            this.decrypted = false;
+        },
+
+        _renderReadonly: function () {
+            this.do_toggle(Boolean(this.value));
+            if (this.value) {
+                this.$el.html(
+                    QWeb.render(this.template, {
+                        widget: this,
+                        filename: this.filename_value,
+                    })
+                );
+
+                const $el = this.$(".link");
+                if (this.recordData.id) $el.css("cursor", "pointer");
+                else $el.css("cursor", "not-allowed");
+            }
+        },
+
+        /**
+         * Decrypt the data with the private key of the vault
+         *
+         * @private
+         * @param {String} data
+         * @returns the decrypted data
+         */
+        _decrypt: async function (data) {
+            const iv = this.recordData[this.field_iv];
+            const wrapped_key = this.recordData[this.field_key];
+
+            if (!iv || !wrapped_key) return false;
+
+            const key = await vault.unwrap(wrapped_key);
+            return btoa(await utils.sym_decrypt(key, data, iv));
+        },
+    });
+
+    registry.add("vault", VaultField);
+    registry.add("vault_file", VaultFile);
+    registry.add("vault_export", VaultExportFile);
+    registry.add("vault_inbox", VaultInboxField);
+    registry.add("vault_inbox_file", VaultInboxFile);
+
+    return {
+        VaultAbstract: VaultAbstract,
+        VaultField: VaultField,
+        VaultFile: VaultFile,
+        VaultExportFile: VaultExportFile,
+        VaultInboxFile: VaultInboxFile,
+        VaultInboxField: VaultInboxField,
+    };
+});
diff --git a/vault/static/src/scss/vault.scss b/vault/static/src/scss/vault.scss
new file mode 100644
index 0000000000..16838f4283
--- /dev/null
+++ b/vault/static/src/scss/vault.scss
@@ -0,0 +1,7 @@
+.o_vault button {
+    padding: 0;
+}
+
+.o_vault_inbox {
+    white-space: pre-wrap;
+}
diff --git a/vault/static/src/xml/templates.xml b/vault/static/src/xml/templates.xml
new file mode 100644
index 0000000000..f7cbeb3e7f
--- /dev/null
+++ b/vault/static/src/xml/templates.xml
@@ -0,0 +1,178 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<templates id="template" xml:space="preserve">
+    <t t-extend="UserMenu.Actions">
+        <t t-jquery="[data-menu='settings']" t-operation="before">
+            <a
+                role="menuitem"
+                href="#"
+                data-menu="keys"
+                class="dropdown-item"
+            >Key Management</a>
+        </t>
+    </t>
+
+    <t t-name="vault.buttons">
+        <button
+            class="btn fa fa-eye o_vault_show"
+            t-if="show"
+            title="Show"
+            aria-label="Show"
+        />
+        <button
+            class="btn fa fa-eye-slash o_vault_show"
+            t-else=""
+            title="Hide"
+            aria-label="Hide"
+        />
+        <button
+            class="btn fa fa-clipboard o_vault_clipboard"
+            title="Copy to clipboard"
+            aria-label="Copy to clipboard"
+        />
+        <button
+            class="btn fa fa-share-alt o_vault_send"
+            title="Send the secret to an user"
+            aria-label="Send the secret to an user"
+        />
+    </t>
+
+    <div t-name="vault.askpass" class="o_form_view">
+        <label for="password" class="col-lg-auto col-form-label">
+            Please enter your password or upload a keyfile:
+        </label>
+
+        <table class="col o_group">
+            <tr>
+                <td class="o_td_label text-nowrap">
+                    <label class="o_form_label">Enter your password:</label>
+                </td>
+                <td class="col-12">
+                    <input
+                        type="password"
+                        name="password"
+                        id="password"
+                        required="required"
+                    />
+                </td>
+            </tr>
+            <tr t-if="confirm">
+                <td class="o_td_label text-nowrap">
+                    <label class="o_form_label">Confirm your password:</label>
+                </td>
+                <td class="col-12">
+                    <input
+                        type="password"
+                        name="confirm"
+                        id="confirm"
+                        required="required"
+                    />
+                </td>
+            </tr>
+            <tr>
+                <td class="o_td_label text-nowrap">
+                    <label class="o_form_label">Keyfile:</label>
+                </td>
+                <td class="col-12">
+                    <input
+                        type="file"
+                        name="keyfile"
+                        id="keyfile"
+                        required="required"
+                    />
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <div t-name="vault.generate_pass" class="o_form_view">
+        <label for="password" class="col-lg-auto col-form-label">
+            Generate a new secret:
+        </label>
+
+        <table class="col o_group">
+            <tr>
+                <td class="o_td_label">
+                    <label class="o_form_label">Password:</label>
+                </td>
+                <td class="col-12">
+                    <span id="password" class="col-12 text-monospace" />
+                </td>
+            </tr>
+            <tr>
+                <td class="o_td_label">
+                    <label class="o_form_label">Length:</label>
+                </td>
+                <td class="col-12">
+                    <input
+                        type="range"
+                        id="length"
+                        min="8"
+                        max="64"
+                        value="15"
+                        class="col-12 custom-range align-middle"
+                    />
+                </td>
+            </tr>
+            <tr>
+                <td class="o_td_label">
+                    <label class="o_form_label">Characters:</label>
+                </td>
+                <td class="col-12">
+                    <input type="checkbox" id="big_letter" checked="checked" />
+                    <label class="o_form_label">A-Z</label>
+
+                    <input type="checkbox" id="small_letter" checked="checked" />
+                    <label class="o_form_label">a-z</label>
+
+                    <input type="checkbox" id="digits" checked="checked" />
+                    <label class="o_form_label">0-9</label>
+
+                    <input type="checkbox" id="special" />
+                    <label class="o_form_label">Special</label>
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <t t-name="FieldVault">
+        <div class="o_vault" t-if="widget.mode == 'edit'">
+            <button
+                class="btn fa fa-lock o_vault_generate"
+                title="Generate"
+                aria-label="Generate"
+            />
+            <input class="o_vault_value" t-esc="value" />
+        </div>
+        <div class="o_vault" t-else="">
+            <t t-call="vault.buttons" />
+            <span class="o_vault_value" t-esc="value" />
+        </div>
+    </t>
+
+    <t t-name="FieldVaultInbox">
+        <div class="o_vault">
+            <t t-call="vault.buttons" />
+            <button
+                class="btn fa fa-save o_vault_save"
+                title="Save in a vault"
+                aria-label="Save in a vault"
+            />
+
+            <span class="o_vault_inbox" t-esc="value" />
+        </div>
+    </t>
+
+    <t t-name="FileVaultInbox">
+        <div class="o_vault">
+            <button
+                class="btn fa fa-save o_vault_save"
+                title="Save in a vault"
+                aria-label="Save in a vault"
+            />
+
+            <span class="link"><span class="fa fa-download" /> <t
+                    t-esc="filename"
+                /></span>
+        </div>
+    </t>
+</templates>
diff --git a/vault/static/tests/vault_tests.js b/vault/static/tests/vault_tests.js
new file mode 100644
index 0000000000..02a2d5f5b2
--- /dev/null
+++ b/vault/static/tests/vault_tests.js
@@ -0,0 +1,209 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+/* global ArrayBuffer, QUnit, Uint8Array */
+
+odoo.define("vault.tests", function (require) {
+    "use strict";
+
+    var utils = require("vault.utils");
+
+    QUnit.module(
+        "vault",
+        {
+            before: function () {
+                utils.askpass = async function () {
+                    return {
+                        password: "test",
+                        keyfile: "",
+                    };
+                };
+            },
+        },
+        function () {
+            function is_keypair(keys, assert) {
+                assert.equal(keys.publicKey instanceof CryptoKey, true);
+                assert.equal(keys.publicKey.type, "public");
+                assert.equal(keys.privateKey instanceof CryptoKey, true);
+                assert.equal(keys.privateKey.type, "private");
+            }
+
+            QUnit.test("vault: Test conversion utils", async function (assert) {
+                assert.expect(7);
+
+                let text = "hello world";
+                let buf = utils.fromBinary(text);
+                assert.equal(true, buf instanceof ArrayBuffer);
+                assert.equal(text, utils.toBinary(buf));
+                assert.equal("", utils.toBinary(false));
+
+                text = "ImhlbGxvIHdvcmxkIg==";
+                buf = utils.fromBase64(text);
+                assert.equal(true, buf instanceof ArrayBuffer);
+                assert.equal(text, utils.toBase64(buf));
+                assert.equal("", utils.toBase64(false));
+
+                assert.equal("Hello World", utils.capitalize("hello world"));
+            });
+
+            QUnit.test("vault: Test generation utils", async function (assert) {
+                assert.expect(12);
+
+                let data = utils.generate_bytes(5);
+                assert.equal(true, data instanceof Uint8Array);
+                assert.equal(data.length, 5);
+                data = utils.generate_bytes(10);
+                assert.equal(data.length, 10);
+
+                data = utils.generate_iv_base64();
+                assert.equal(typeof data, "string");
+                assert.notEqual(data, utils.generate_iv_base64());
+
+                data = await utils.generate_key();
+                assert.equal(true, data instanceof CryptoKey);
+
+                data = await utils.generate_key_pair();
+                is_keypair(data, assert);
+
+                data = utils.generate_secret(10, "01");
+                assert.equal(data.length, 10);
+                let valid = true;
+                for (const c of data) if ("01".indexOf(c) < 0) valid = false;
+                assert.equal(valid, true);
+            });
+
+            QUnit.test("vault: Test asymmetric encryption", async function (assert) {
+                assert.expect(2);
+                const text = "hello world";
+                const key = await utils.generate_key_pair();
+
+                const crypted = await utils.asym_encrypt(key.publicKey, text);
+                assert.equal("string", typeof crypted);
+                assert.strictEqual(
+                    text,
+                    await utils.asym_decrypt(key.privateKey, crypted)
+                );
+            });
+
+            QUnit.test("vault: Test symmetric encryption", async function (assert) {
+                assert.expect(2);
+                const text = "hello world";
+                const key = await utils.generate_key();
+                const iv = utils.generate_iv_base64();
+
+                const crypted = await utils.sym_encrypt(key, text, iv);
+                assert.equal("string", typeof crypted);
+                assert.strictEqual(text, await utils.sym_decrypt(key, crypted, iv));
+            });
+
+            QUnit.test("vault: Test import/export", async function (assert) {
+                assert.expect(3);
+
+                const key = await utils.generate_key_pair();
+                let exported = await utils.export_public_key(key.publicKey);
+                let tmp = await utils.load_public_key(exported);
+                assert.deepEqual(key.publicKey, tmp);
+
+                const iv = utils.generate_bytes(10);
+                const salt = utils.generate_bytes(10);
+                const wrapper = await utils.derive_key("test", salt, 4000);
+                exported = await utils.export_private_key(key.privateKey, wrapper, iv);
+                tmp = await utils.load_private_key(
+                    exported,
+                    wrapper,
+                    utils.toBase64(iv)
+                );
+                assert.deepEqual(key.privateKey, tmp);
+
+                const master_key = await utils.generate_key();
+                exported = await utils.wrap(master_key, key.publicKey);
+                tmp = await utils.unwrap(exported, key.privateKey);
+                assert.deepEqual(master_key, tmp);
+            });
+
+            QUnit.test("vault: Test vault class", async function (assert) {
+                assert.expect(12);
+
+                var vault = require("vault");
+
+                await vault._initialize_keys();
+                is_keypair(vault.keys, assert);
+
+                vault.keys = undefined;
+                await vault._import_from_store();
+                is_keypair(vault.keys, assert);
+
+                vault.keys = undefined;
+                await vault._import_from_database();
+                is_keypair(vault.keys, assert);
+            });
+
+            QUnit.test("vault: Importer/exporter", async function (assert) {
+                // The exporter won't skip empty keys
+                const child = {
+                    uuid: "42a",
+                    note: "test note child",
+                    name: "test child",
+                    url: "child.example.org",
+                    fields: [],
+                    files: [],
+                    childs: [],
+                };
+
+                const data = {
+                    type: "raw",
+                    data: [
+                        child,
+                        {
+                            uuid: "42",
+                            note: "test note",
+                            name: "test name",
+                            url: "test.example.org",
+                            fields: [
+                                {name: "a", value: "Hello World"},
+                                {name: "secret", value: "dlrow olleh"},
+                            ],
+                            files: [],
+                            childs: [child, child],
+                        },
+                        child,
+                    ],
+                };
+
+                assert.expect(2);
+
+                var Exporter = require("vault.export");
+                var Importer = require("vault.import");
+                var vault = require("vault");
+                await vault._initialize_keys();
+
+                const master_key = await utils.generate_key();
+                const importer = new Importer();
+                const imported = await importer.import(
+                    master_key,
+                    "test.json",
+                    JSON.stringify(data)
+                );
+
+                const exporter = new Exporter();
+                const exported = await exporter.export(
+                    master_key,
+                    "test.json",
+                    JSON.stringify(imported)
+                );
+                assert.equal(exported.type, "encrypted");
+
+                const pass = await utils.derive_key(
+                    "test",
+                    utils.fromBase64(exported.salt),
+                    exported.iterations
+                );
+
+                const tmp = JSON.parse(
+                    await utils.sym_decrypt(pass, exported.data, exported.iv)
+                );
+                assert.deepEqual(tmp, data.data);
+            });
+        }
+    );
+});
diff --git a/vault/tests/__init__.py b/vault/tests/__init__.py
new file mode 100644
index 0000000000..9ceb22d222
--- /dev/null
+++ b/vault/tests/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import test_log, test_rights, test_user, test_vault, test_widgets
diff --git a/vault/tests/test_inbox.py b/vault/tests/test_inbox.py
new file mode 100644
index 0000000000..017b4ca02d
--- /dev/null
+++ b/vault/tests/test_inbox.py
@@ -0,0 +1,115 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from datetime import datetime
+from uuid import uuid4
+
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestShare(TransactionCase):
+    def test_user_inbox(self):
+        user = self.env["res.users"].create(
+            {"login": "test", "email": "test@test", "name": "test"}
+        )
+
+        user.action_new_share_token()
+
+        model = self.env["res.users"]
+        token = user.inbox_token
+
+        self.assertEqual(user, model.find_user_of_inbox(token))
+        self.assertIn(token, user.inbox_link)
+
+        user.inbox_enabled = False
+        self.assertEqual(model, model.find_user_of_inbox(token))
+
+        user.action_new_share_token()
+        self.assertNotEqual(user.inbox_token, token)
+
+    def test_inbox(self):
+        model = self.env["vault.inbox"]
+        user = self.env.user
+        vals = {
+            "name": f"Inbox {user.name}",
+            "secret": "secret",
+            "iv": "iv",
+            "user": user,
+            "key": "key",
+            "secret_file": "",
+            "filename": "",
+        }
+
+        # Should create a new inbox for the user
+        inbox = model.store_in_inbox(**vals)
+        self.assertEqual(inbox.secret, "secret")
+        self.assertEqual(inbox.accesses, 0)
+        self.assertIn(inbox.token, inbox.inbox_link)
+
+        # No change because of no accesses left
+        vals["secret"] = "new secret"
+        inbox.store_in_inbox(**vals)
+        self.assertEqual(inbox.secret, "secret")
+        self.assertEqual(inbox.accesses, 0)
+
+        # Change expected because 5 accesses left
+        inbox.accesses = 5
+        inbox.store_in_inbox(**vals)
+        self.assertEqual(inbox.secret, "new secret")
+        self.assertEqual(inbox.accesses, 4)
+
+        # No change because expired
+        vals["secret"] = "newer secret"
+        inbox.expiration = datetime(1970, 1, 1)
+        inbox.store_in_inbox(**vals)
+        self.assertEqual(inbox.secret, "new secret")
+        self.assertEqual(inbox.accesses, 4)
+
+        # Search for shares
+        self.assertEqual(inbox, model.find_inbox(inbox.token))
+        self.assertEqual(model, model.find_inbox(uuid4()))
+
+    def test_send_wizard(self):
+        user = self.env.user
+        wiz = self.env["vault.send.wizard"].create(
+            {
+                "name": uuid4(),
+                "iv": "iv",
+                "key_user": "key",
+                "key": "k",
+                "secret": uuid4(),
+                "user_id": user.id,
+            }
+        )
+
+        # Create a new inbox
+        wiz.action_send()
+        self.assertTrue(self.env["vault.inbox"].search([("name", "=", wiz.name)]))
+
+    def test_store_wizard(self):
+        vault = self.env["vault"].create({"name": "Vault"})
+
+        entry = self.env["vault.entry"].create({"vault_id": vault.id, "name": "Entry"})
+
+        wiz = self.env["vault.store.wizard"].create(
+            {
+                "vault_id": vault.id,
+                "entry_id": entry.id,
+                "name": uuid4(),
+                "iv": "iv",
+                "key": "k",
+                "secret": uuid4(),
+                "secret_temporary": "temp",
+                "model": "vault.field",
+            }
+        )
+
+        vault.right_ids.write({"key": uuid4()})
+        self.assertEqual(wiz.master_key, vault.right_ids.key)
+
+        wiz.action_store()
+
+        self.assertEqual(wiz.name, entry.field_ids.name)
diff --git a/vault/tests/test_log.py b/vault/tests/test_log.py
new file mode 100644
index 0000000000..974fe44570
--- /dev/null
+++ b/vault/tests/test_log.py
@@ -0,0 +1,41 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestLog(TransactionCase):
+    def test_not_implemeneted(self):
+        with self.assertRaises(NotImplementedError):
+            self.env["vault.abstract"].log_entry("test")
+
+        with self.assertRaises(NotImplementedError):
+            self.env["vault.abstract"].log_info("test")
+
+        with self.assertRaises(NotImplementedError):
+            self.env["vault.abstract"].log_warn("test")
+
+        with self.assertRaises(NotImplementedError):
+            self.env["vault.abstract"].log_error("test")
+
+    def test_log_created(self):
+        vault = self.env["vault"].create({"name": "Vault"})
+        entry = self.env["vault.entry"].create({"vault_id": vault.id, "name": "Entry"})
+
+        vault.log_ids.unlink()
+
+        vault.log_info("info")
+        self.assertEqual(vault.log_ids.mapped("state"), ["info"])
+        self.assertEqual(entry.log_ids.mapped("state"), [])
+
+        entry.log_warn("warn")
+        self.assertEqual(vault.log_ids.mapped("state"), ["info", "warn"])
+        self.assertEqual(entry.log_ids.mapped("state"), ["warn"])
+
+        entry.log_error("error")
+        self.assertEqual(vault.log_ids.mapped("state"), ["info", "warn", "error"])
+        self.assertEqual(entry.log_ids.mapped("state"), ["warn", "error"])
diff --git a/vault/tests/test_rights.py b/vault/tests/test_rights.py
new file mode 100644
index 0000000000..08d5de5acb
--- /dev/null
+++ b/vault/tests/test_rights.py
@@ -0,0 +1,128 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo.exceptions import AccessError
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestAccessRights(TransactionCase):
+    def setUp(self):
+        super().setUp()
+        self.user = self.env["res.users"].create(
+            {"login": "user", "name": "tester", "email": "user@localhost"}
+        )
+        self.vault = self.env["vault"].create({"name": "Vault"})
+        self.entry = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Entry"}
+        )
+        self.field = self.env["vault.field"].create(
+            {"entry_id": self.entry.id, "name": "Field", "value": "Value"}
+        )
+        self.vault.right_ids.write({"key": "Owner"})
+
+    def test_public_key(self):
+        key = self.env["res.users.key"].create(
+            {
+                "user_id": self.vault.user_id.id,
+                "public": "a public key",
+                "salt": "42",
+                "iv": "2424",
+                "iterations": 4000,
+                "private": "24",
+            }
+        )
+        self.assertTrue(self.vault.right_ids.public_key)
+        self.assertEqual(key.public, self.vault.right_ids.public_key)
+
+    def test_owner_access(self):
+        # The owner can always access despite the permissions
+        for obj in [self.field, self.entry, self.vault]:
+            obj.name = "Owned"
+
+            right = self.vault.right_ids
+            right.perm_write = False
+            obj.name = "Owned"
+
+            right.perm_delete = False
+            obj.unlink()
+
+    def test_no_right(self):
+        # No right defined for test user means access denied
+        for obj in [self.field, self.entry, self.vault]:
+            with self.assertRaises(AccessError):
+                self.assertTrue(obj.with_user(self.user).read())
+
+            with self.assertRaises(AccessError):
+                obj.with_user(self.user).name = "Owned"
+
+            with self.assertRaises(AccessError):
+                obj.with_user(self.user).unlink()
+
+    def test_no_permission(self):
+        # Defined right but no write permission means access denied
+        self.env["vault.right"].create(
+            {
+                "vault_id": self.vault.id,
+                "user_id": self.user.id,
+                "perm_write": False,
+                "perm_delete": False,
+            }
+        )
+        for obj in [self.field, self.entry, self.vault]:
+            self.assertTrue(obj.with_user(self.user).read())
+
+            with self.assertRaises(AccessError):
+                obj.with_user(self.user).name = "Owned"
+
+            with self.assertRaises(AccessError):
+                obj.with_user(self.user).unlink()
+
+    def test_granted(self):
+        # Granted write permission allows writing
+        self.env["vault.right"].create(
+            {
+                "vault_id": self.vault.id,
+                "user_id": self.user.id,
+                "perm_write": True,
+                "perm_delete": True,
+            }
+        )
+        for obj in [self.field, self.entry, self.vault]:
+            self.assertTrue(obj.with_user(self.user).read())
+
+            obj.with_user(self.user).name = "Owned"
+            obj.with_user(self.user).unlink()
+
+    def test_owner_share(self):
+        self.env["vault.right"].create(
+            {"vault_id": self.vault.id, "user_id": self.user.id}
+        )
+
+    def test_user_share_no_right(self):
+        # No right defined means AccessError
+        with self.assertRaises(AccessError):
+            self.env["vault.right"].with_user(self.user).create(
+                {"vault_id": self.vault.id, "user_id": 2}
+            )
+
+    def test_user_share_no_permission(self):
+        # Created right but no permission to share
+        right = self.env["vault.right"].create(
+            {"vault_id": self.vault.id, "user_id": self.user.id, "perm_share": False}
+        )
+
+        with self.assertRaises(AccessError):
+            right.with_user(self.user).create({"vault_id": self.vault.id, "user_id": 2})
+
+    def test_user_share_granted(self):
+        # Granted permission to share
+        right = self.env["vault.right"].create(
+            {"vault_id": self.vault.id, "user_id": self.user.id, "perm_share": True}
+        )
+        right.with_user(self.user).create({"vault_id": self.vault.id, "user_id": 2})
+
+        right.unlink()
diff --git a/vault/tests/test_user.py b/vault/tests/test_user.py
new file mode 100644
index 0000000000..051bb1b71b
--- /dev/null
+++ b/vault/tests/test_user.py
@@ -0,0 +1,29 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestShare(TransactionCase):
+    def test_user_inbox(self):
+        user = self.env["res.users"].create(
+            {"login": "test", "email": "test@test", "name": "test"}
+        )
+
+        user.action_new_share_token()
+
+        model = self.env["res.users"]
+        token = user.inbox_token
+
+        self.assertEqual(user, model.find_user_of_inbox(token))
+        self.assertIn(token, user.inbox_link)
+
+        user.inbox_enabled = False
+        self.assertEqual(model, model.find_user_of_inbox(token))
+
+        user.action_new_share_token()
+        self.assertNotEqual(user.inbox_token, token)
diff --git a/vault/tests/test_vault.py b/vault/tests/test_vault.py
new file mode 100644
index 0000000000..5a46c3f2b3
--- /dev/null
+++ b/vault/tests/test_vault.py
@@ -0,0 +1,131 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo.exceptions import ValidationError
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestVault(TransactionCase):
+    def setUp(self):
+        super().setUp()
+
+        self.vault = self.env["vault"].create({"name": "Vault"})
+        self.entry = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Entry"}
+        )
+        self.child = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Child", "parent_id": self.entry.id}
+        )
+
+    def test_entry_path(self):
+        self.assertEqual(self.entry.complete_name, "Entry")
+        self.assertEqual(self.child.complete_name, "Entry / Child")
+
+    def test_wizard_actions(self):
+        values = self.child.action_open_import_wizard()
+        self.assertEqual(values["context"]["default_parent_id"], self.child.id)
+
+        values = self.vault.action_open_import_wizard()
+        self.assertNotIn("default_parent_id", values["context"])
+
+        values = self.child.action_open_export_wizard()
+        self.assertEqual(values["context"]["default_entry_id"], self.child.id)
+
+        values = self.vault.action_open_export_wizard()
+        self.assertNotIn("default_entry_id", values["context"])
+
+    def test_master_key(self):
+        right = self.vault.right_ids
+        self.assertEqual(self.vault.master_key, right.master_key)
+
+        self.vault.master_key = "test"
+        self.assertEqual(right.key, "test")
+
+    def test_share_public_key(self):
+        key = self.env["res.users.key"].create(
+            {
+                "user_id": self.vault.user_id.id,
+                "public": "a public key",
+                "salt": "42",
+                "iv": "2424",
+                "iterations": 4000,
+                "private": "24",
+            }
+        )
+
+        expected = {"user": 1, "public": key.public}
+        self.assertIn(expected, self.vault.share_public_keys())
+
+    def test_keys(self):
+        key = self.env["res.users.key"].create(
+            {
+                "user_id": self.vault.user_id.id,
+                "public": "a public key",
+                "salt": "42",
+                "iv": "2424",
+                "iterations": 4000,
+                "private": "24",
+            }
+        )
+
+        self.assertEqual(set("0123456789abcdef:"), set(key.fingerprint))
+
+        key.public = ""
+        self.assertEqual(key.fingerprint, False)
+
+    def test_store_keys(self):
+        model = self.env["res.users.key"]
+
+        # Raise some errors because of wrong parameters
+        with self.assertRaises(ValidationError):
+            model.store(1, "iv", "private", "public", 42)
+
+        with self.assertRaises(ValidationError):
+            model.store(3000, "iv", "private", "public", "salt")
+
+        # Actually store a new key
+        uuid = model.store(4000, "iv", "private", "public", "salt")
+        rec = model.search([("uuid", "=", uuid)])
+        self.assertEqual(rec.private, "private")
+        self.assertTrue(rec.current)
+
+        # Don't store the same again
+        uuid = model.store(4000, "iv", "private", "public", "salt")
+        self.assertFalse(uuid)
+
+        # Store a new one and disable the old one
+        uuid = model.store(4000, "iv", "more private", "public", "salt")
+        self.assertFalse(rec.current)
+
+        rec = model.search([("uuid", "=", uuid)])
+        self.assertEqual(rec.private, "more private")
+        self.assertTrue(rec.current)
+
+        # Try to extract the public key again
+        user_id = self.env["res.users"].search([], limit=1, order="id DESC").id
+        public = model.extract_public_key(user_id + 1)
+        self.assertFalse(public)
+        public = model.extract_public_key(self.env.uid)
+        self.assertEqual(public, "public")
+
+    def test_vault_keys(self):
+        keys = self.env.user.get_vault_keys()
+        self.assertEqual(keys, {})
+
+        data = {
+            "user_id": self.env.user.id,
+            "public": "a public key",
+            "salt": "42",
+            "iv": "2424",
+            "iterations": 4000,
+            "private": "24",
+        }
+        self.env["res.users.key"].create(data)
+
+        keys = self.env.user.get_vault_keys()
+        for key in ["private", "public", "iv", "salt", "iterations"]:
+            self.assertEqual(keys[key], data[key])
diff --git a/vault/tests/test_widgets.py b/vault/tests/test_widgets.py
new file mode 100644
index 0000000000..3c9d3e871d
--- /dev/null
+++ b/vault/tests/test_widgets.py
@@ -0,0 +1,156 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import json
+import logging
+from uuid import uuid4
+
+from odoo.exceptions import UserError
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+TestChild = {
+    "uuid": "42a",
+    "note": "test note child",
+    "name": "test child",
+    "url": "child.example.org",
+    "fields": [],
+    "files": [],
+    "childs": [],
+}
+
+TestData = [
+    {
+        "uuid": "42b",
+        "note": "test note child",
+        "name": "don't import",
+        "url": "child.example.org",
+        "fields": [],
+        "files": [],
+        "childs": [],
+    },
+    TestChild,
+    {
+        "uuid": "42",
+        "note": "test note",
+        "name": "test name",
+        "url": "test.example.org",
+        "fields": [
+            {"name": "a", "value": "Hello World", "iv": "abcd"},
+            {"name": "secret", "value": "dlrow olleh", "iv": "abcd"},
+            {"name": "secret", "value": "dlrow olle", "iv": "abcd"},
+        ],
+        "files": [
+            {"name": "a", "value": "Hello World", "iv": "abcd"},
+            {"name": "secret", "value": "dlrow olleh", "iv": "abcd"},
+            {},
+        ],
+        "childs": [
+            {
+                "uuid": "42aa",
+                "note": "test note subchild",
+                "name": "test subchild",
+                "url": "subchild.example.org",
+                "fields": [],
+                "files": [],
+                "childs": [],
+            },
+            TestChild,
+        ],
+    },
+    TestChild,
+]
+
+
+class TestWidgets(TransactionCase):
+    def setUp(self):
+        super().setUp()
+
+        self.vault = self.env["vault"].create({"name": "Vault"})
+        self.entry = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Entry"}
+        )
+
+    def test_path_generation(self):
+        wiz = self.env["vault.import.wizard"].create(
+            {"vault_id": self.vault.id, "crypted_content": json.dumps(TestData)}
+        )
+        wiz._onchange_content()
+
+        paths = wiz.path.search([("uuid", "=", wiz.uuid)]).mapped("name")
+
+        self.assertEqual(len(paths), 6)
+        self.assertIn("test name / test child", paths)
+        self.assertIn("test child", paths)
+        self.assertIn("test name", paths)
+
+    def test_import(self):
+        uuid = uuid4()
+        path = self.env["vault.import.wizard.path"].create(
+            {"name": "test", "uuid": uuid}
+        )
+
+        wiz = self.env["vault.import.wizard"].create(
+            {
+                "vault_id": self.vault.id,
+                "crypted_content": json.dumps(TestData),
+                "path": path.id,
+                "uuid": uuid,
+            }
+        )
+
+        wiz.action_import()
+
+        # We have duplicates
+        uuids = {"42", "42a", "42aa", self.entry.uuid}
+        self.assertSetEqual(set(self.vault.entry_ids.mapped("uuid")), uuids)
+
+        # Creation is depth-first which will cause the 42a to move up
+        self.assertEqual(self.vault.entry_ids.mapped("child_ids.uuid"), ["42aa"])
+
+        # This will cause an overwrite of the field
+        domain = [("entry_id.uuid", "=", "42"), ("name", "=", "secret")]
+        rec = self.env["vault.field"].search(domain)
+        self.assertEqual(rec.mapped("value"), ["dlrow olle"])
+
+        # Field with missing keys should fail
+        with self.assertRaises(UserError):
+            TestChild["fields"].append({"name": "12", "value": "eulav"})
+            wiz.crypted_content = json.dumps([TestChild])
+            wiz.action_import()
+
+    def test_export(self):
+        child = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Child", "parent_id": self.entry.id}
+        )
+
+        second = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "second"}
+        )
+
+        wiz = self.env["vault.export.wizard"].create({"vault_id": self.vault.id})
+
+        # Export without entry should export entire vault
+        wiz._change_content()
+        entries = json.loads(wiz.content)
+        self.assertEqual({e["uuid"] for e in entries}, {second.uuid, self.entry.uuid})
+        self.assertEqual(len(entries), 2)
+
+        wiz.entry_id = self.entry
+
+        # Export the entire tree
+        wiz._change_content()
+        entries = json.loads(wiz.content)
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0]["uuid"], self.entry.uuid)
+        self.assertEqual(entries[0]["childs"][0]["uuid"], child.uuid)
+
+        # Skip exporting childs
+        wiz.include_childs = False
+        wiz._change_content()
+        entries = json.loads(wiz.content)
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0]["uuid"], self.entry.uuid)
+        self.assertEqual(len(entries[0]["childs"]), 0)
diff --git a/vault/views/assets.xml b/vault/views/assets.xml
new file mode 100644
index 0000000000..c44b96a0e2
--- /dev/null
+++ b/vault/views/assets.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <template id="assets_backend" inherit_id="web.assets_backend">
+        <xpath expr="." position="inside">
+            <script
+                type="text/javascript"
+                src="/vault/static/lib/kdbxweb/kdbxweb.min.js"
+            />
+            <script type="text/javascript" src="/vault/static/src/js/user_menu.js" />
+            <script type="text/javascript" src="/vault/static/src/js/vault.js" />
+            <script
+                type="text/javascript"
+                src="/vault/static/src/js/vault_controller.js"
+            />
+            <script type="text/javascript" src="/vault/static/src/js/vault_export.js" />
+            <script type="text/javascript" src="/vault/static/src/js/vault_import.js" />
+            <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
+            <script type="text/javascript" src="/vault/static/src/js/vault_widget.js" />
+            <link
+                rel="stylesheet"
+                type="text/scss"
+                href="/vault/static/src/scss/vault.scss"
+            />
+        </xpath>
+    </template>
+
+    <template id="tests_assets" inherit_id="web.tests_assets">
+        <xpath expr="." position="inside">
+            <script type="text/javascript" src="/vault/static/tests/vault_tests.js" />
+        </xpath>
+    </template>
+
+    <template id="inbox_frontend">
+        <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
+        <script type="text/javascript" src="/vault/static/src/js/vault_inbox.js" />
+    </template>
+</odoo>
diff --git a/vault/views/menuitems.xml b/vault/views/menuitems.xml
new file mode 100644
index 0000000000..3673b5a769
--- /dev/null
+++ b/vault/views/menuitems.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="action_vault" model="ir.actions.act_window">
+        <field name="name">Vault</field>
+        <field name="res_model">vault</field>
+        <field name="view_mode">tree,form</field>
+    </record>
+
+    <record id="action_vault_entry" model="ir.actions.act_window">
+        <field name="name">Entries</field>
+        <field name="res_model">vault.entry</field>
+        <field name="view_mode">tree,form</field>
+        <field name="view_id" ref="view_vault_entry_full_tree" />
+        <field name="search_view_id" ref="view_vault_entry_search" />
+    </record>
+
+    <record id="action_vault_inbox" model="ir.actions.act_window">
+        <field name="name">Inbox</field>
+        <field name="res_model">vault.inbox</field>
+        <field name="view_mode">tree,form</field>
+    </record>
+
+    <record id="action_vault_right" model="ir.actions.act_window">
+        <field name="name">Rights</field>
+        <field name="res_model">vault.right</field>
+        <field name="view_mode">tree</field>
+        <field name="view_id" ref="view_vault_right_overview_tree" />
+        <field name="search_view_id" ref="view_vault_right_overview_search" />
+    </record>
+
+    <menuitem
+        id="menu_vault"
+        groups="base.group_user"
+        action="action_vault"
+        web_icon="vault,static/description/icon.png"
+    />
+    <menuitem
+        id="menu_vault_entry"
+        groups="base.group_user"
+        parent="menu_vault"
+        action="action_vault_entry"
+    />
+    <menuitem
+        id="menu_vault_inbox"
+        groups="base.group_user"
+        parent="vault.menu_vault"
+        action="action_vault_inbox"
+        sequence="40"
+    />
+    <menuitem
+        id="menu_vault_right"
+        groups="base.group_user"
+        parent="vault.menu_vault"
+        action="action_vault_right"
+        sequence="50"
+    />
+</odoo>
diff --git a/vault/views/res_users_views.xml b/vault/views/res_users_views.xml
new file mode 100644
index 0000000000..03fecc488d
--- /dev/null
+++ b/vault/views/res_users_views.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_res_users_key_tree" model="ir.ui.view">
+        <field name="model">res.users.key</field>
+        <field name="arch" type="xml">
+            <tree editable="bottom">
+                <field name="current" readonly="1" />
+                <field name="fingerprint" readonly="1" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_res_users_key_form" model="ir.ui.view">
+        <field name="model">res.users.key</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="fingerprint" readonly="1" />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+
+    <record id="view_users_form_keys_modif" model="ir.ui.view">
+        <field name="model">res.users</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="inbox_link" widget="url" />
+                        <field name="inbox_enabled" />
+                    </group>
+
+                    <field name="keys" />
+                </sheet>
+                <footer>
+                    <button
+                        name="action_generate_key"
+                        string="New private key"
+                        class="btn-primary"
+                    />
+                    <button
+                        name="action_new_share_token"
+                        type="object"
+                        string="New inbox link"
+                        class="btn-primary"
+                    />
+                    <button special="cancel" string="Cancel" class="btn-secondary" />
+                </footer>
+            </form>
+        </field>
+    </record>
+
+
+    <record id="action_res_users_keys" model="ir.actions.act_window">
+        <field name="name">Manage my keys</field>
+        <field name="type">ir.actions.act_window</field>
+        <field name="res_model">res.users</field>
+        <field name="target">new</field>
+        <field name="view_mode">form</field>
+    </record>
+
+    <record id="action_res_users_keys_view" model="ir.actions.act_window.view">
+        <field eval="10" name="sequence" />
+        <field name="view_mode">form</field>
+        <field name="view_id" ref="view_users_form_keys_modif" />
+        <field name="act_window_id" ref="action_res_users_keys" />
+    </record>
+</odoo>
diff --git a/vault/views/templates.xml b/vault/views/templates.xml
new file mode 100644
index 0000000000..6b6bfc25eb
--- /dev/null
+++ b/vault/views/templates.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <template id="inbox">
+        <t t-call="web.login_layout">
+            <t t-call-assets="vault.inbox_frontend" t-css="false" />
+
+            <form
+                class="oe_login_form"
+                role="form"
+                t-attf-action="/vault/inbox/{{ token }}"
+                method="post"
+                onsubmit="this.action = this.action + location.hash"
+            >
+                <input
+                    type="hidden"
+                    name="csrf_token"
+                    t-att-value="request.csrf_token()"
+                />
+                <input type="hidden" id="token" name="token" t-att-value="token" />
+                <input type="hidden" id="public" name="public" t-att-value="public" />
+                <input type="hidden" id="encrypted" name="encrypted" />
+                <input type="hidden" id="encrypted_file" name="encrypted_file" />
+                <input type="hidden" id="filename" name="filename" />
+                <input type="hidden" id="iv" name="iv" />
+                <input type="hidden" id="key" name="key" />
+
+                <div class="form-group">
+                    <label for="name">Name of your secret:</label>
+                    <input
+                        type="text"
+                        t-if="name"
+                        name="name"
+                        readonly="readonly"
+                        class="form-control"
+                        t-att-value="name"
+                    />
+                    <input
+                        type="text"
+                        t-else=""
+                        name="name"
+                        required="required"
+                        autofocus="autofocus"
+                        class="form-control"
+                    />
+                </div>
+
+                <div class="form-group">
+                    <label for="secret">Secret to share:</label>
+                    <input
+                        placeholder="Secret"
+                        type="text"
+                        id="secret"
+                        name="secret"
+                        required="required"
+                        autofocus="autofocus"
+                        class="form-control"
+                    />
+                </div>
+
+                <div class="form-group">
+                    <label for="secret">File to share:</label>
+                    <input
+                        type="file"
+                        placeholder="Secret"
+                        id="secret_file"
+                        name="secret_file"
+                        required="required"
+                        class="form-control"
+                    />
+                </div>
+
+                <p class="alert alert-danger" t-if="error" role="alert" t-esc="error" />
+                <p
+                    class="alert alert-success"
+                    t-if="message"
+                    role="status"
+                    t-esc="message"
+                />
+
+                <div
+                    t-attf-class="clearfix text-center mb-1 {{'pt-2' if form_small else 'pt-3'}}"
+                >
+                    <button
+                        type="submit"
+                        class="btn btn-primary btn-block"
+                    >Submit secret</button>
+                </div>
+            </form>
+        </t>
+    </template>
+</odoo>
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
new file mode 100644
index 0000000000..0ab5208ba7
--- /dev/null
+++ b/vault/views/vault_entry_views.xml
@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_entry_tree" model="ir.ui.view">
+        <field name="model">vault.entry</field>
+        <field name="arch" type="xml">
+            <tree decoration-muted="expired">
+                <field name="expired" invisible="1" />
+                <field name="complete_name" />
+                <field name="tags" widget="many2many_tags" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_entry_full_tree" model="ir.ui.view">
+        <field name="model">vault.entry</field>
+        <field name="arch" type="xml">
+            <tree decoration-muted="expired">
+                <field name="expired" invisible="1" />
+                <field name="vault_id" />
+                <field name="complete_name" />
+                <field name="tags" widget="many2many_tags" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_entry_form" model="ir.ui.view">
+        <field name="model">vault.entry</field>
+        <field name="arch" type="xml">
+            <form>
+                <header>
+                    <button
+                        type="object"
+                        name="action_open_import_wizard"
+                        string="Import from file"
+                    />
+                    <button
+                        type="object"
+                        name="action_open_export_wizard"
+                        string="Export to file"
+                    />
+                </header>
+                <sheet>
+                    <field name="vault_id" invisible="1" />
+                    <field name="perm_user" invisible="1" />
+                    <field name="allowed_share" invisible="1" />
+                    <field name="allowed_write" invisible="1" />
+                    <field name="allowed_delete" invisible="1" />
+
+                    <group>
+                        <group>
+                            <field name="complete_name" />
+                            <field name="name" />
+                            <field name="url" widget="url" />
+                            <field name="tags" widget="many2many_tags" />
+                        </group>
+                        <group>
+                            <field
+                                name="parent_id"
+                                readonly="1"
+                                attrs="{'invisible':[('parent_id', '=', False)]}"
+                            />
+                            <field name="create_date" />
+                            <field name="write_date" />
+                            <field name="expire_date" />
+                        </group>
+                    </group>
+
+                    <notebook>
+                        <page string="Content">
+                            <label for="field_ids" />
+                            <field
+                                name="field_ids"
+                                context="{'default_entry_id': active_id}"
+                                options="{'create': [('allowed_write', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': true}"
+                            >
+                                <tree editable="bottom">
+                                    <field name="vault_id" invisible="1" />
+                                    <field name="entry_id" invisible="1" />
+                                    <field name="iv" invisible="1" />
+                                    <field name="master_key" invisible="1" />
+                                    <field name="name" />
+                                    <field
+                                        name="value"
+                                        widget="vault"
+                                        type="field_type"
+                                    />
+                                    <field name="write_date" />
+                                </tree>
+                            </field>
+
+                            <label for="file_ids" />
+                            <field
+                                name="file_ids"
+                                context="{'default_entry_id': active_id}"
+                                options="{'create': [('allowed_write', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': True}"
+                            >
+                                <tree editable="bottom">
+                                    <field name="vault_id" invisible="1" />
+                                    <field name="entry_id" invisible="1" />
+                                    <field name="iv" invisible="1" />
+                                    <field name="master_key" invisible="1" />
+                                    <field name="name" invisible="1" />
+                                    <field
+                                        name="value"
+                                        widget="vault_file"
+                                        filename="name"
+                                    />
+                                    <field name="write_date" />
+                                </tree>
+                            </field>
+                        </page>
+                        <page string="Note">
+                            <field name="note" />
+                        </page>
+                        <page string="Childs">
+                            <field
+                                name="child_ids"
+                                context="{'default_parent_id': active_id, 'default_vault_id': vault_id}"
+                            />
+                        </page>
+                        <page string="Log">
+                            <field name="log_ids" options="{'no_open': True}" />
+                        </page>
+                    </notebook>
+                </sheet>
+            </form>
+        </field>
+    </record>
+
+    <record id="view_vault_entry_search" model="ir.ui.view">
+        <field name="name">vault.entry.search</field>
+        <field name="model">vault.entry</field>
+        <field name="arch" type="xml">
+            <search>
+                <field name="complete_name" operator="ilike" />
+                <field name="name" operator="ilike" />
+                <field name="tags" operator="ilike" />
+                <field name="note" operator="ilike" />
+                <searchpanel>
+                    <field
+                        name="parent_id"
+                        select="category"
+                        string="Entries"
+                        enable_counters="1"
+                    />
+                </searchpanel>
+            </search>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_field_views.xml b/vault/views/vault_field_views.xml
new file mode 100644
index 0000000000..f22f96ec17
--- /dev/null
+++ b/vault/views/vault_field_views.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_field_form" model="ir.ui.view">
+        <field name="model">vault.field</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="vault_id" invisible="1" />
+                        <field name="entry_id" invisible="1" />
+                        <field name="iv" invisible="1" />
+                        <field name="master_key" invisible="1" />
+                        <field name="name" />
+                        <field name="value" widget="vault" type="field_type" />
+                        <field name="write_date" />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+
+    <record id="view_vault_field_tree" model="ir.ui.view">
+        <field name="model">vault.field</field>
+        <field name="arch" type="xml">
+            <tree create="false" delete="false">
+                <field name="vault_id" invisible="1" />
+                <field name="entry_id" invisible="1" />
+                <field name="iv" invisible="1" />
+                <field name="master_key" invisible="1" />
+                <field name="name" />
+                <field name="value" widget="vault" type="field_type" />
+                <field name="write_date" />
+            </tree>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_file_views.xml b/vault/views/vault_file_views.xml
new file mode 100644
index 0000000000..78769dc746
--- /dev/null
+++ b/vault/views/vault_file_views.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_file_form" model="ir.ui.view">
+        <field name="model">vault.file</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="vault_id" invisible="1" />
+                        <field name="entry_id" invisible="1" />
+                        <field name="iv" invisible="1" />
+                        <field name="master_key" invisible="1" />
+                        <field name="name" invisible="1" />
+                        <field name="value" widget="vault_file" filename="name" />
+                        <field name="write_date" />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+
+    <record id="view_vault_file_tree" model="ir.ui.view">
+        <field name="model">vault.file</field>
+        <field name="arch" type="xml">
+            <tree create="false" delete="false">
+                <field name="vault_id" invisible="1" />
+                <field name="entry_id" invisible="1" />
+                <field name="iv" invisible="1" />
+                <field name="master_key" invisible="1" />
+                <field name="name" invisible="1" />
+                <field name="value" widget="vault_file" filename="name" />
+                <field name="write_date" />
+            </tree>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_inbox_views.xml b/vault/views/vault_inbox_views.xml
new file mode 100644
index 0000000000..100b57d872
--- /dev/null
+++ b/vault/views/vault_inbox_views.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_inbox_tree" model="ir.ui.view">
+        <field name="model">vault.inbox</field>
+        <field name="arch" type="xml">
+            <tree>
+                <field name="name" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_inbox_form" model="ir.ui.view">
+        <field name="model">vault.inbox</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <field name="user_id" invisible="1" />
+                    <field name="iv" invisible="1" />
+                    <field name="key" invisible="1" />
+                    <field name="filename" invisible="1" />
+                    <group>
+                        <field name="inbox_link" widget="url" />
+                        <field name="name" />
+                        <field name="accesses" />
+                        <field name="expiration" />
+                        <field
+                            name="secret"
+                            widget="vault_inbox"
+                            attrs="{'invisible': [('secret', '=', False)]}"
+                        />
+                        <field
+                            name="secret_file"
+                            filename="filename"
+                            widget="vault_inbox_file"
+                            attrs="{'invisible': [('secret', '=', False)]}"
+                        />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_log_views.xml b/vault/views/vault_log_views.xml
new file mode 100644
index 0000000000..87410a9c2a
--- /dev/null
+++ b/vault/views/vault_log_views.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_log_tree" model="ir.ui.view">
+        <field name="model">vault.log</field>
+        <field name="arch" type="xml">
+            <tree
+                decoration-danger="state == 'error'"
+                decoration-warning="state == 'warn'"
+                decoration-info="state == 'info'"
+            >
+                <field name="user_id" />
+                <field name="message" />
+                <field name="create_date" />
+                <field name="state" invisible="1" />
+            </tree>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_right_views.xml b/vault/views/vault_right_views.xml
new file mode 100644
index 0000000000..bcbef35448
--- /dev/null
+++ b/vault/views/vault_right_views.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_right_tree" model="ir.ui.view">
+        <field name="model">vault.right</field>
+        <field name="arch" type="xml">
+            <tree editable="bottom">
+                <field name="vault_id" invisible="1" />
+                <field name="master_key" invisible="1" />
+                <field name="key" invisible="1" />
+                <field name="public_key" invisible="1" />
+                <field name="user_id" />
+                <field name="perm_write" />
+                <field name="perm_share" />
+                <field name="perm_delete" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_right_form" model="ir.ui.view">
+        <field name="model">vault.right</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="user_id" />
+                        <field name="perm_write" />
+                        <field name="perm_share" />
+                        <field name="perm_delete" />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+
+    <record id="view_vault_right_overview_tree" model="ir.ui.view">
+        <field name="model">vault.right</field>
+        <field name="arch" type="xml">
+            <tree editable="bottom">
+                <field name="vault_id" />
+                <field name="user_id" />
+                <field name="perm_write" />
+                <field name="perm_share" />
+                <field name="perm_delete" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_right_overview_search" model="ir.ui.view">
+        <field name="name">vault.right.overview.search</field>
+        <field name="model">vault.right</field>
+        <field name="arch" type="xml">
+            <search>
+                <field name="user_id" operator="ilike" />
+                <field name="vault_id" operator="ilike" />
+                <group expand="0" string="Grouped">
+                    <filter
+                        name="user_id"
+                        string="By user"
+                        context="{'group_by': 'user_id'}"
+                    />
+                    <filter
+                        name="vault_id"
+                        string="By vault"
+                        context="{'group_by': 'vault_id'}"
+                    />
+                </group>
+            </search>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/vault_views.xml b/vault/views/vault_views.xml
new file mode 100644
index 0000000000..fbddb7d87e
--- /dev/null
+++ b/vault/views/vault_views.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_search" model="ir.ui.view">
+        <field name="name">vault.search</field>
+        <field name="model">vault</field>
+        <field name="arch" type="xml">
+            <search>
+                <field name="name" operator="ilike" />
+                <field name="note" operator="ilike" />
+            </search>
+        </field>
+    </record>
+
+    <record id="action_open_entries" model="ir.actions.act_window">
+        <field name="name">Entries</field>
+        <field name="res_model">vault.entry</field>
+        <field name="view_mode">tree,form</field>
+        <field name="domain">[("vault_id", "=", active_id)]</field>
+        <field name="context">{
+            "default_vault_id": active_id,
+            "searchpanel_default_vault_id": active_id}
+        </field>
+        <field name="search_view_id" ref="view_vault_entry_search" />
+    </record>
+
+    <record id="view_vault_tree" model="ir.ui.view">
+        <field name="model">vault</field>
+        <field name="arch" type="xml">
+            <tree>
+                <field name="name" />
+                <field name="user_id" />
+                <field name="note" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_form" model="ir.ui.view">
+        <field name="model">vault</field>
+        <field name="arch" type="xml">
+            <form>
+                <header>
+                    <button
+                        type="object"
+                        name="action_open_import_wizard"
+                        string="Import from file"
+                    />
+                    <button
+                        type="object"
+                        name="action_open_export_wizard"
+                        string="Export to file"
+                    />
+                </header>
+                <sheet>
+                    <div class="oe_button_box" name="button_box">
+                        <button
+                            class="oe_stat_button"
+                            name="vault.action_open_entries"
+                            string="Entries"
+                            type="action"
+                            icon="fa-bars"
+                        />
+                    </div>
+
+                    <group>
+                        <field name="allowed_share" invisible="1" />
+                        <field name="allowed_write" invisible="1" />
+                        <field name="allowed_delete" invisible="1" />
+                        <field name="master_key" invisible="1" required="1" />
+                        <field name="name" />
+                        <field name="user_id" />
+                        <field name="note" />
+
+                        <field
+                            name="field_ids"
+                            options="{'create': False, 'delete': False}"
+                            invisible="1"
+                        />
+                        <field
+                            name="file_ids"
+                            options="{'create': False, 'delete': False}"
+                            invisible="1"
+                        />
+                    </group>
+
+                    <notebook>
+                        <page
+                            string="Rights"
+                            attrs="{'invisible':[('allowed_share', '=', False)]}"
+                        >
+                            <field
+                                name="right_ids"
+                                context="{'default_vault_id': active_id}"
+                                options="{'create': [('allowed_share', '=', True)], 'delete': [('allowed_share', '=', True)]}"
+                            />
+                        </page>
+                        <page string="Log">
+                            <field name="log_ids" options="{'no_open': True}" />
+                        </page>
+                    </notebook>
+                </sheet>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/wizards/__init__.py b/vault/wizards/__init__.py
new file mode 100644
index 0000000000..4059c96dcc
--- /dev/null
+++ b/vault/wizards/__init__.py
@@ -0,0 +1,9 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import (
+    vault_export_wizard,
+    vault_import_wizard,
+    vault_send_wizard,
+    vault_store_wizard,
+)
diff --git a/vault/wizards/vault_export_wizard.py b/vault/wizards/vault_export_wizard.py
new file mode 100644
index 0000000000..8b68c58963
--- /dev/null
+++ b/vault/wizards/vault_export_wizard.py
@@ -0,0 +1,63 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import json
+import logging
+from datetime import datetime
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class ExportWizard(models.TransientModel):
+    _name = "vault.export.wizard"
+    _description = _("Export wizard for vaults")
+
+    vault_id = fields.Many2one("vault", "Vault")
+    entry_id = fields.Many2one(
+        "vault.entry", "Entries", domain="[('vault_id', '=', vault_id)]"
+    )
+    master_key = fields.Char(related="vault_id.master_key")
+    name = fields.Char(default=lambda self: self._default_name())
+    content = fields.Binary("Download", attachment=False)
+    include_childs = fields.Boolean(default=True)
+
+    @api.onchange("vault_id", "entry_id")
+    def _change_content(self):
+        for rec in self.with_context(skip_log=True):
+            if rec.entry_id:
+                entries = rec.entry_id
+            else:
+                entries = rec.vault_id.entry_ids.filtered_domain(
+                    [("parent_id", "=", False)]
+                )
+
+            data = [rec._export_entry(x) for x in entries]
+            rec.content = json.dumps(data)
+
+    def _default_name(self):
+        return datetime.now().strftime("database-%Y%m%d-%H%M.json")
+
+    @api.model
+    def _export_field(self, rec):
+        def ensure_string(x):
+            return x.decode() if isinstance(x, bytes) else x
+
+        return {f: ensure_string(rec[f]) for f in ["name", "iv", "value"]}
+
+    def _export_entry(self, entry):
+        if self.include_childs:
+            childs = [self._export_entry(x) for x in entry.child_ids]
+        else:
+            childs = []
+
+        return {
+            "uuid": entry.uuid,
+            "name": entry.name,
+            "note": entry.note,
+            "url": entry.url,
+            "fields": entry.field_ids.mapped(self._export_field),
+            "files": entry.file_ids.mapped(self._export_field),
+            "childs": childs,
+        }
diff --git a/vault/wizards/vault_export_wizard.xml b/vault/wizards/vault_export_wizard.xml
new file mode 100644
index 0000000000..9df1ab15b8
--- /dev/null
+++ b/vault/wizards/vault_export_wizard.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_export_wizard" model="ir.ui.view">
+        <field name="model">vault.export.wizard</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <field name="vault_id" invisible="1" />
+                    <field name="entry_id" invisible="1" />
+                    <field name="master_key" invisible="1" />
+                    <field name="name" invisible="1" />
+
+                    <group>
+                        <field
+                            name="content"
+                            widget="vault_export"
+                            filename="name"
+                            readonly="1"
+                        />
+                        <field name="include_childs" />
+                    </group>
+                </sheet>
+                <footer>
+                    <button type="special" string="Close" special="cancel" />
+                </footer>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/wizards/vault_import_wizard.py b/vault/wizards/vault_import_wizard.py
new file mode 100644
index 0000000000..15fd16b5c9
--- /dev/null
+++ b/vault/wizards/vault_import_wizard.py
@@ -0,0 +1,134 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import json
+import logging
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+from odoo.exceptions import UserError
+
+_logger = logging.getLogger(__name__)
+
+
+class ImportWizardPath(models.TransientModel):
+    _name = "vault.import.wizard.path"
+    _description = _("Import wizard path for vaults")
+
+    name = fields.Char(required=True)
+    uuid = fields.Char(required=True)
+
+
+class ImportWizard(models.TransientModel):
+    _name = "vault.import.wizard"
+    _description = _("Import wizard for vaults")
+
+    vault_id = fields.Many2one("vault", "Vault")
+    parent_id = fields.Many2one(
+        "vault.entry",
+        "Parent Entry",
+        domain="[('vault_id', '=', vault_id)]",
+    )
+    master_key = fields.Char(related="vault_id.master_key")
+    name = fields.Char()
+    content = fields.Binary("Database", attachment=False)
+    crypted_content = fields.Char()
+    uuid = fields.Char(default=lambda self: uuid4())
+
+    path = fields.Many2one(
+        "vault.import.wizard.path",
+        "Path to import",
+        default="",
+        domain="[('uuid', '=', uuid)]",
+    )
+
+    @api.onchange("crypted_content", "content")
+    def _onchange_content(self):
+        for rec in self:
+            if rec.crypted_content:
+                for entry in json.loads(rec.crypted_content or []):
+                    rec._create_path(entry)
+
+    def _create_path(self, entry, path=None):
+        self.ensure_one()
+        p = f"{path} / {entry['name']}" if path else entry["name"]
+
+        if "name" in entry:
+            self.env["vault.import.wizard.path"].create({"uuid": self.uuid, "name": p})
+
+        for child in entry.get("childs", []):
+            self._create_path(child, p)
+
+    def _import_field(self, entry, model, data):
+        if not data:
+            return
+
+        # Only copy specific fields
+        vals = {f: data[f] for f in ["name", "iv", "value"]}
+
+        # Update already existing records
+        domain = [("entry_id", "=", entry.id), ("name", "=", data["name"])]
+        rec = model.search(domain)
+        if rec:
+            rec.write(vals)
+        else:
+            rec.create({"entry_id": entry.id, **vals})
+
+    def _import_entry(self, entry, parent=None, path=None):
+        p = f"{path} / {entry['name']}" if path else entry["name"]
+        result = self.env["vault.entry"]
+        if p.startswith(self.path.name or ""):
+            if not parent:
+                parent = self.env["vault.entry"]
+
+            # Update existing records if already imported
+            rec = self.env["vault.entry"]
+            if entry.get("uuid"):
+                domain = [
+                    ("uuid", "=", entry["uuid"]),
+                    ("vault_id", "=", self.vault_id.id),
+                ]
+                rec = rec.search(domain, limit=1)
+
+            # If record not found create a new one
+            vals = {f: entry.get(f) for f in ["name", "note", "url", "uuid"]}
+            if not rec:
+                rec = rec.create(
+                    {"vault_id": self.vault_id.id, "parent_id": parent.id, **vals}
+                )
+            else:
+                rec.write({"parent_id": parent.id, **vals})
+
+            # Create/update the entry fields
+            for field in entry.get("fields", []):
+                self._import_field(rec, self.env["vault.field"], field)
+
+            # Create/update the entry files
+            for file in entry.get("files", []):
+                self._import_field(rec, self.env["vault.file"], file)
+
+            result |= rec
+
+        else:
+            rec = None
+
+        # Create the sub-entries
+        for child in entry.get("childs", []):
+            result |= self._import_entry(child, rec, p)
+
+        return result
+
+    def action_import(self):
+        self.ensure_one()
+
+        try:
+            data = json.loads(self.crypted_content)
+            entries = self.env["vault.entry"]
+            for entry in data:
+                entries |= self.with_context(skip_log=True)._import_entry(
+                    entry, self.parent_id
+                )
+
+            self.vault_id.log_entry(f"Imported entries from file {self.name}")
+        except Exception as e:
+            raise UserError(_("Invalid file to import from")) from e
diff --git a/vault/wizards/vault_import_wizard.xml b/vault/wizards/vault_import_wizard.xml
new file mode 100644
index 0000000000..9c3b3aac0a
--- /dev/null
+++ b/vault/wizards/vault_import_wizard.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_import_wizard" model="ir.ui.view">
+        <field name="model">vault.import.wizard</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <field name="master_key" invisible="1" />
+                    <field name="vault_id" invisible="1" />
+                    <field name="crypted_content" invisible="1" />
+                    <field name="name" invisible="1" />
+                    <field name="uuid" invisible="1" />
+
+                    <div>The files must end on one of the supported file type:</div>
+                    <ul>
+                        <li>Custom JSON format <b>.json</b></li>
+                        <li>Keepass Database <b>.kdbx</b></li>
+                    </ul>
+
+                    <group>
+                        <field name="content" filename="name" />
+                        <field
+                            name="parent_id"
+                            options="{'no_create_edit': True, 'no_open': True}"
+                        />
+                        <field
+                            name="path"
+                            attrs="{'invisible': [('crypted_content', '=', False)]}"
+                            options="{'no_create_edit': True, 'no_open': True}"
+                        />
+                    </group>
+                </sheet>
+                <footer>
+                    <button
+                        type="object"
+                        name="action_import"
+                        string="Import"
+                        class="oe_highlight"
+                        attrs="{'invisible': [('crypted_content', '=', False)]}"
+                    />
+                    <button
+                        type="object"
+                        name="action_import"
+                        string="Import"
+                        attrs="{'invisible': [('crypted_content', '!=', False)]}"
+                    />
+                    or
+                    <button type="special" string="Cancel" special="cancel" />
+                </footer>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/wizards/vault_send_wizard.py b/vault/wizards/vault_send_wizard.py
new file mode 100644
index 0000000000..21f20c3fd6
--- /dev/null
+++ b/vault/wizards/vault_send_wizard.py
@@ -0,0 +1,51 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultSendWizard(models.TransientModel):
+    _name = "vault.send.wizard"
+    _description = _("Wizard to send another user a secret")
+
+    user_id = fields.Many2one(
+        "res.users",
+        "User",
+        required=True,
+        domain=[
+            ("keys.public", "!=", False),
+            ("inbox_enabled", "=", True),
+        ],
+    )
+    name = fields.Char(required=True)
+    public = fields.Char(related="user_id.active_key.public")
+    iv = fields.Char(required=True)
+    key_user = fields.Char(required=True)
+    key = fields.Char(required=True)
+    secret = fields.Char(required=True)
+    secret_file = fields.Char()
+    filename = fields.Char()
+
+    _sql_constraints = [
+        (
+            "value_check",
+            "CHECK(secret IS NOT NULL OR secret_file IS NOT NULL)",
+            _("No value found"),
+        ),
+    ]
+
+    def action_send(self):
+        self.ensure_one()
+        self.env["vault.inbox"].sudo().store_in_inbox(
+            self.name,
+            self.secret,
+            self.secret_file,
+            self.iv,
+            self.key_user,
+            self.user_id,
+            self.filename,
+        )
diff --git a/vault/wizards/vault_send_wizard.xml b/vault/wizards/vault_send_wizard.xml
new file mode 100644
index 0000000000..97a3db4c00
--- /dev/null
+++ b/vault/wizards/vault_send_wizard.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_send_wizard" model="ir.ui.view">
+        <field name="model">vault.send.wizard</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <div>
+                        You can only send the secret to the user who has generated a key-pair.
+                        If an user is not showing please ask him to generate these.
+                    </div>
+                    <group>
+                        <field name="iv" invisible="1" />
+                        <field name="key" invisible="1" />
+                        <field name="key_user" invisible="1" />
+                        <field name="secret" invisible="1" />
+                        <field name="public" invisible="1" />
+                        <field name="user_id" />
+                        <field name="name" />
+                    </group>
+                </sheet>
+                <footer>
+                    <button
+                        type="object"
+                        name="action_send"
+                        string="Send"
+                        class="oe_highlight"
+                    />
+                    or
+                    <button type="special" string="Cancel" special="cancel" />
+                </footer>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/wizards/vault_store_wizard.py b/vault/wizards/vault_store_wizard.py
new file mode 100644
index 0000000000..6bdae37913
--- /dev/null
+++ b/vault/wizards/vault_store_wizard.py
@@ -0,0 +1,47 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultStoreWizard(models.TransientModel):
+    _name = "vault.store.wizard"
+    _description = _("Wizard store a shared secret in a vault")
+
+    vault_id = fields.Many2one("vault", "Vault", required=True)
+    entry_id = fields.Many2one(
+        "vault.entry",
+        "Entry",
+        domain="[('vault_id', '=', vault_id)]",
+        required=True,
+    )
+    model = fields.Char(required=True)
+    master_key = fields.Char(compute="_compute_master_key", store=False)
+    name = fields.Char(required=True)
+    iv = fields.Char(required=True)
+    key = fields.Char(required=True)
+    secret = fields.Char(required=True)
+    secret_temporary = fields.Char(required=True)
+
+    @api.depends("entry_id", "vault_id")
+    def _compute_master_key(self):
+        for rec in self:
+            rec.master_key = rec.vault_id.master_key
+
+    def action_store(self):
+        self.ensure_one()
+        try:
+            self.env[self.model].create(
+                {
+                    "entry_id": self.entry_id.id,
+                    "name": self.name,
+                    "iv": self.iv,
+                    "value": self.secret,
+                }
+            )
+        except Exception:
+            pass
diff --git a/vault/wizards/vault_store_wizard.xml b/vault/wizards/vault_store_wizard.xml
new file mode 100644
index 0000000000..47d3f24ec0
--- /dev/null
+++ b/vault/wizards/vault_store_wizard.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_store_wizard" model="ir.ui.view">
+        <field name="model">vault.store.wizard</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="iv" invisible="1" />
+                        <field name="key" invisible="1" />
+                        <field name="master_key" invisible="1" />
+                        <field name="secret" invisible="1" />
+                        <field name="secret_temporary" invisible="1" />
+                        <field
+                            name="vault_id"
+                            options="{'no_create_edit': True, 'no_open': True}"
+                        />
+                        <field
+                            name="entry_id"
+                            attrs="{'invisible': [('vault_id', '=', False)]}"
+                            options="{'no_create_edit': True, 'no_open': True}"
+                        />
+                        <field name="name" />
+                    </group>
+                </sheet>
+                <footer>
+                    <button
+                        type="object"
+                        name="action_store"
+                        string="Store"
+                        class="oe_highlight"
+                    />
+                    or
+                    <button type="special" string="Cancel" special="cancel" />
+                </footer>
+            </form>
+        </field>
+    </record>
+</odoo>
diff --git a/vault_share/__init__.py b/vault_share/__init__.py
new file mode 100644
index 0000000000..05ae53c8cb
--- /dev/null
+++ b/vault_share/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import controllers, models
diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
new file mode 100644
index 0000000000..cdbf549b35
--- /dev/null
+++ b/vault_share/__manifest__.py
@@ -0,0 +1,24 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Vault - Share",
+    "summary": "Implementation of a mechanism to share secrets",
+    "license": "AGPL-3",
+    "version": "14.0.1.0.0",
+    "website": "https://github.com/OCA/server-auth",
+    "application": True,
+    "author": "initOS GmbH, Odoo Community Association (OCA)",
+    "category": "Vault",
+    "depends": ["vault"],
+    "data": [
+        "data/ir_cron.xml",
+        "security/ir.model.access.csv",
+        "security/ir_rule.xml",
+        "views/assets.xml",
+        "views/menuitems.xml",
+        "views/templates.xml",
+        "views/vault_share_views.xml",
+    ],
+    "qweb": ["static/src/xml/templates.xml"],
+}
diff --git a/vault_share/controllers/__init__.py b/vault_share/controllers/__init__.py
new file mode 100644
index 0000000000..aabfa83edd
--- /dev/null
+++ b/vault_share/controllers/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import main
diff --git a/vault_share/controllers/main.py b/vault_share/controllers/main.py
new file mode 100644
index 0000000000..4d908f0669
--- /dev/null
+++ b/vault_share/controllers/main.py
@@ -0,0 +1,34 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, http
+from odoo.http import request
+
+_logger = logging.getLogger(__name__)
+
+
+class Controller(http.Controller):
+    @http.route("/vault/share/<string:token>", type="http", auth="public")
+    def vault_share(self, token):
+        ctx = {"disable_footer": True, "token": token}
+        secret = request.env["vault.share"].sudo().get(token)
+        if secret is None:
+            ctx["error"] = _("The secret expired")
+            return request.render("vault_share.share", ctx)
+
+        if len(secret) != 1:
+            ctx["error"] = _("Invalid token")
+            return request.render("vault_share.share", ctx)
+
+        ctx.update(
+            {
+                "encrypted": secret.secret,
+                "salt": secret.salt,
+                "iv": secret.iv,
+                "encrypted_file": secret.secret_file,
+                "filename": secret.filename,
+            }
+        )
+        return request.render("vault_share.share", ctx)
diff --git a/vault_share/data/ir_cron.xml b/vault_share/data/ir_cron.xml
new file mode 100644
index 0000000000..362e5c1905
--- /dev/null
+++ b/vault_share/data/ir_cron.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo noupdate="1">
+    <record id="cron_share_clean" model="ir.cron">
+        <field name="name">Clean outgoing share</field>
+        <field name="model_id" ref="model_vault_share" />
+        <field name="state">code</field>
+        <field name="code">model.clean()</field>
+        <field name="interval_number">1</field>
+        <field name="interval_type">minutes</field>
+        <field name="numbercall">-1</field>
+        <field name="active" eval="True" />
+    </record>
+</odoo>
diff --git a/vault_share/models/__init__.py b/vault_share/models/__init__.py
new file mode 100644
index 0000000000..51a08ee32d
--- /dev/null
+++ b/vault_share/models/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import vault_share
diff --git a/vault_share/models/vault_share.py b/vault_share/models/vault_share.py
new file mode 100644
index 0000000000..24da5c41a9
--- /dev/null
+++ b/vault_share/models/vault_share.py
@@ -0,0 +1,72 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from datetime import datetime, timedelta
+from uuid import uuid4
+
+from odoo import _, api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultShare(models.Model):
+    _name = "vault.share"
+    _description = _("Vault share outgoing secrets")
+
+    user_id = fields.Many2one("res.users", default=lambda self: self.env.uid)
+    name = fields.Char(required=True)
+    share_link = fields.Char(
+        "Share URL",
+        compute="_compute_url",
+        store=False,
+        help="Using this link and pin people can access the secret.",
+    )
+    token = fields.Char(readonly=True, required=True, default=lambda self: uuid4())
+    secret = fields.Char()
+    secret_file = fields.Char()
+    filename = fields.Char()
+    salt = fields.Char(required=True)
+    iv = fields.Char(required=True)
+    pin = fields.Char(required=True, help="The pin needed to decrypt the share.")
+    accesses = fields.Integer(
+        "Access counter",
+        default=5,
+        help="Specifies how often a share can be accessed before deletion.",
+    )
+    expiration = fields.Datetime(
+        default=lambda self: datetime.now() + timedelta(days=7),
+        help="Specifies how long a share can be accessed until deletion.",
+    )
+
+    _sql_constraints = [
+        (
+            "value_check",
+            "CHECK(secret IS NOT NULL OR secret_file IS NOT NULL)",
+            _("No value found"),
+        ),
+    ]
+
+    @api.depends("token")
+    def _compute_url(self):
+        base_url = self.env["ir.config_parameter"].sudo().get_param("web.base.url")
+        for rec in self:
+            rec.share_link = f"{base_url}/vault/share/{rec.token}"
+
+    @api.model
+    def get(self, token):
+        rec = self.search([("token", "=", token)], limit=1)
+        if not rec:
+            return rec
+
+        if datetime.now() < rec.expiration and rec.accesses > 0:
+            rec.accesses -= 1
+            return rec
+
+        rec.unlink()
+        return None
+
+    @api.model
+    def clean(self):
+        now = datetime.now()
+        self.search([("expiration", "<=", now), ("accesses", "<=", 0)]).unlink()
diff --git a/vault_share/readme/CONTRIBUTORS.rst b/vault_share/readme/CONTRIBUTORS.rst
new file mode 100644
index 0000000000..e202826121
--- /dev/null
+++ b/vault_share/readme/CONTRIBUTORS.rst
@@ -0,0 +1 @@
+* Florian Kantelberg <florian.kantelberg@initos.com>
diff --git a/vault_share/readme/DESCRIPTION.rst b/vault_share/readme/DESCRIPTION.rst
new file mode 100644
index 0000000000..51e526ca52
--- /dev/null
+++ b/vault_share/readme/DESCRIPTION.rst
@@ -0,0 +1,6 @@
+This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.
+
+Share
+=====
+
+This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn't be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.
diff --git a/vault_share/security/ir.model.access.csv b/vault_share/security/ir.model.access.csv
new file mode 100644
index 0000000000..46bc795e07
--- /dev/null
+++ b/vault_share/security/ir.model.access.csv
@@ -0,0 +1,2 @@
+id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
+access_vault_share,access_vault_share,model_vault_share,base.group_user,1,1,1,1
diff --git a/vault_share/security/ir_rule.xml b/vault_share/security/ir_rule.xml
new file mode 100644
index 0000000000..936aba6b94
--- /dev/null
+++ b/vault_share/security/ir_rule.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="vault_share_owner" model="ir.rule">
+        <field name="name">vault.share.access.owner</field>
+        <field name="model_id" ref="vault_share.model_vault_share" />
+        <field name="domain_force">[('user_id', '=', user.id)]</field>
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+</odoo>
diff --git a/vault_share/static/description/icon.png b/vault_share/static/description/icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..a0c9035d9b2247bbe8008a1601aafb0524a2c13d
GIT binary patch
literal 2287
zcmV<L2oU#)P)<h;3K|Lk000e1NJLTq002e+002e^1^@s6aW3M700004b3#c}2nYxW
zd<bNS000Q4Nkl<Zc%1E<U2Ggz6~})wyZ*{zJ8_7e=EENfF^Sr`F0E6<M};Z`qJ;-O
z6iU(}QBXsicV2k|#1jvoiU&|Zsz69kRSho)s7MtsZAgT0qR=L!NgVR!HU3<$cW3tU
zFn8wOJ2PwV?Cv;-?7WP}bI!Tv{O|vsbLL*#LS8?5{bwTA+f7?XI{=pdLjGh~Amm;B
zUMNY+d$zEYoc3B%l#k(OUtB7N-s^h0AHjI0yAcNrzYK%ktz0g%GQY&vpZt;){Q8G~
zctzZtze}N9#I3m6;Nf6Rrwu1X)M;JLaMH36hya{GkFXxvxKd6iy<jqoXKl(9dYT`;
zVPV9Xu`RmVIvL1q=Y{dlS=RS|^^&+=%14~l2dUTDKu$#UBF++{7n%f<pdsc2;Ku0b
z&tc|harr;&bh@$UMFA|l;E;oZhp0qeEfWwz4laZgQ^EKG7M7F?6wF|ezT$!E|H5F7
zkUt6EtS~{5{`mt3&jtumPm9Z&d<_(#;*vnH+*ZOaxFx8lAgkWR`tL13Y-Fdhv7HUy
z*D_8OJA~g?v9n4E+i@K|leL&5z^w>u1JM?9g1fDd5-sLv%rO|#VvfNWiDip926JK=
z(_)Um4v=awN51v&u-B{S_cL>B2{A3^n9NZ*ro|kCIkrNO7IOk{;;K@MIWos+2)CG{
zn3D|<)Am(_27=meiONxl(UW&{JLqy@yB4CN>1A>}uwyU7TX(UmyOXX=7Th9BYjfPV
zd!2Xkvn*AFniO9TwVxF0ha4xY7x72h$qLkr>p~`Tf~oUnHnKUT>G@NqF~Zmh6!JOb
zbY{z54juR?Pwp9Hpq=<@6e#DpJad-cT|CdfN)^qI80J{<aT)&0xO6*M7S{2fd|UX!
z2A%Xl^k=PY4)jD=FTA6t>?k?kr%s0Uf10m6e2{@m6+q&y@*L;RpXAq9?@|o>_eW}c
zC(u?-M%QNQImh14#1miR#CSqb0NVO^bo>a%$M(^eLe8;4)Rx_wUafi=KXjNQgT1sR
z#6(?Lc8`3PZ;TDmU3HxLs+Ib>W^<X-Kl(I>2YVBM;7~5Du<Ay^=^uH9FAw!JwOR#L
z$xjvG?4C-s+A_}J2Z!jY5t7yX8Gdo*6w}KNRwl>b&{I4+rZ2xv4m|it9=rJ)&Xk%{
zt?V#T9)f8y$7cV*5A%U)l_z|y{DYsL{v*>%j>ibMz_lwUd3pNZly$kb5uO@-fNYcc
zoS6NXlyi=~kB<y)tq~QNyEV<FwWystGt*oR$@cFaW1qcIZmTWl1UY82n3L@vt(`5N
zoADj83xxAc=UyJ_wSBdQm}3(NZ4Pt#wr!^;0W5tx4>D*)zpb|IIlxe)#OLVm$<|mE
z*Jq9`0>~hJ=49y3<r2UG<R0a#AAf=mcG+^qJJ>b+8D4y3Fs96Bd0(!lDc@FEA0gGj
z##J2&S`(^Oo1IMt4A9g6364GUF&0-=aN2V8wXb8t&dPWQ`J1d-d0*FZ#?xm`g+jTQ
z7#Q!$(v$059~8hT7Jc^`Vvejz6;HI{8%Zzc+*w#L%WP9Ghq=OnS!HVRH|F=Yfz&22
zr!YIi?bLv|!{xlI7|;N7LVZly%(2-$uqRPfN^+I+?{cvaUuBXq#}3MO>deWo`@m5q
zA0J8ym?D?2OmoNYbM(0CU`~~j$YwLgX87O{CMVJY1<Luq^7@tK>VEj~)W{rLVo7?;
z$uRuzQI1axrv?h8Yn=Ss+uV%nkn3cQy*`4CGRJ24p`%QGXqYXjAOg5~PEWnYsRdW{
zQ%yL1$a)BZ!5oRW+B1#r{RT~&GN76&ED#-xj6KWbV=02NdX3-z<u!ggTR=Lhnl)4$
zUh`(gWim&LQ_5$(8JBd5=>)xd#WPlOhnzMj4!39C<kfRiTr6ml682j^eTa)|oenvx
z7||@|bTTsb948*%({xY@%eT3D=K^oNbB?p~Yr%}KcluB-bF_0Mn!ub6MkbDOVyrPx
z%6Cum(y6zZYs=By)d}tz%S(CkWe4ME$ImIoGHMQUvigiS#+(jDC!XWj*xtrKS@=6I
z|LG0hErL~CVQz__DmHR%m6SQz@K<qt%;{kNq31dFNFAW8zQ-FEF0*JkluHX-dhegy
zC}RYb%8BO&%<-xcniF*}XUo3N^UZod0Vv&K>inO%5n>=ArvYQxrp=t7j|sL0f_p8U
zt=H!a?0A1e%cqvFa$r;c%EFedA3AfqxBha9VUA}7Pcf^$jq15d%LF?#LGF^nRow~n
zgOrX-f0UZf9F-Q(!Lc^(kc}NY->GCdNBLIERW8huF9EKDQ<`P!>>2X9J&4*5Er-p>
zIoV(>`bMZD=Onmpo&P1@o1P8E@h8~KCDE$4**Pb=gI8D1NdnEiIxA0>b8KUc1<Xm3
zbDTPIjQMR9bex*AzQDc8In{UY5-{i5r3+kNs{xO-D@@JICa8M%jycu~KlqkVOFPs7
z$`^X#HRb$>Eok4$&Yn*1tS3%SI4myaS#-@@;@=`UC-4I`<9f~^oJ%k}WdAuPu3G-b
zQ~PTNJv&#-tX)gBD$R3iHk$bKX3%#wT6Me^ssEKlf@)<4$Qx_3k(?9mb5w_{Eqawp
zg2ny6m2<otQ+16tTCHO21fbPpXY+E7txa)@IT~}!s?=gmaJLPlTFeQU6MwGMVvc`y
z9a>{8=B)oek@qumY=6dE%rTj>!Aa!(%N)DnI_9@Zi#b#r7uzkCYnuseM*rWL<181k
zt!2lDs>K{>$NA5yXX8^Zeo^%8+Ch6)2X-c_4eAFQdJdusZz1U0gE4w4CJiJ_4;@?u
zlA#y3<q_7?<*1^k$sq);>ryJLk-vVMSHJsHW&R73&x`q`c}k@c7=tSF`bk~PYt5OE
zlMow>8YlE<1Se-QPB3i0id|z8<J`9_+S}XN*3-)?-}$ix@LygOcaE+cnFRm<002ov
JPDHLkV1n|ya*F@}

literal 0
HcmV?d00001

diff --git a/vault_share/static/src/js/vault_fields.js b/vault_share/static/src/js/vault_fields.js
new file mode 100644
index 0000000000..13ee282ba7
--- /dev/null
+++ b/vault_share/static/src/js/vault_fields.js
@@ -0,0 +1,55 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.share.fields", function (require) {
+    "use strict";
+
+    var core = require("web.core");
+    var sh_utils = require("vault.share.utils");
+    var utils = require("vault.utils");
+    var vault = require("vault");
+    var vault_fields = require("vault.fields");
+
+    var _t = core._t;
+
+    // Extend the widget to share
+    vault_fields.VaultField.include({
+        events: _.extend(vault_fields.VaultField.prototype.events, {
+            "click .o_vault_share": "_onShareValue",
+        }),
+
+        /**
+         * Share the value for an external user
+         *
+         * @private
+         * @param {OdooEvent} ev
+         */
+        _onShareValue: async function (ev) {
+            ev.stopPropagation();
+
+            const iv = await utils.generate_iv_base64();
+            const pin = sh_utils.generate_pin(sh_utils.PinSize);
+            const salt = utils.generate_bytes(utils.SaltLength).buffer;
+            const key = await utils.derive_key(pin, salt, 4000);
+            const public_key = await vault.get_public_key();
+            const value = await this._decrypt(this.value);
+
+            this.do_action({
+                type: "ir.actions.act_window",
+                title: _t("Share the secret"),
+                target: "new",
+                res_model: "vault.share",
+                views: [[false, "form"]],
+                context: {
+                    default_secret: await utils.sym_encrypt(key, value, iv),
+                    default_pin: await utils.asym_encrypt(
+                        public_key,
+                        pin + utils.generate_iv_base64()
+                    ),
+                    default_iv: iv,
+                    default_salt: utils.toBase64(salt),
+                },
+            });
+        },
+    });
+});
diff --git a/vault_share/static/src/js/vault_share.js b/vault_share/static/src/js/vault_share.js
new file mode 100644
index 0000000000..2af6783193
--- /dev/null
+++ b/vault_share/static/src/js/vault_share.js
@@ -0,0 +1,56 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.share", function (require) {
+    "use strict";
+
+    require("web.dom_ready");
+
+    var utils = require("vault.utils");
+    var data = {};
+
+    // Find the elements in the document and check if they have values
+    function find_elements() {
+        for (const id of ["encrypted", "salt", "iv", "encrypted_file", "filename"])
+            if (!data[id]) {
+                const element = document.getElementById(id);
+                data[id] = element && element.value;
+            }
+    }
+
+    document.getElementById("pin").onchange = async function () {
+        find_elements();
+
+        // Derive the key from the pin
+        const key = await utils.derive_key(
+            this.value,
+            utils.fromBase64(data.salt),
+            4000
+        );
+
+        const secret = document.getElementById("secret");
+        const secret_file = document.getElementById("secret_file");
+        if (!secret || !secret_file) return;
+
+        // There is no secret to decrypt
+        if (!this.value) {
+            secret.setAttribute("class", "alert alert-danger col-12");
+            secret_file.setAttribute("class", "alert alert-danger col-12");
+            return;
+        }
+
+        // Decrypt the data and show the value
+        if (data.encrypted) {
+            secret.value = await utils.sym_decrypt(key, data.encrypted, data.iv);
+            secret.setAttribute("class", "alert alert-success col-12");
+        }
+
+        if (data.encrypted_file) {
+            const content = await utils.sym_decrypt(key, data.encrypted_file, data.iv);
+            const file = new File([atob(content)], data.filename);
+            secret_file.text = data.filename;
+            secret_file.setAttribute("href", window.URL.createObjectURL(file));
+            secret_file.setAttribute("class", "alert alert-success col-12");
+        }
+    };
+});
diff --git a/vault_share/static/src/js/vault_share_widget.js b/vault_share/static/src/js/vault_share_widget.js
new file mode 100644
index 0000000000..6b5c287c24
--- /dev/null
+++ b/vault_share/static/src/js/vault_share_widget.js
@@ -0,0 +1,355 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.share.widget", function (require) {
+    "use strict";
+
+    var basic_fields = require("web.basic_fields");
+    var core = require("web.core");
+    var registry = require("web.field_registry");
+    var sh_utils = require("vault.share.utils");
+    var utils = require("vault.utils");
+    var vault = require("vault");
+    var vault_fields = require("vault.fields");
+
+    var QWeb = core.qweb;
+
+    // Widget used to view the encrypted pin
+    var VaultPinField = basic_fields.InputField.extend(vault_fields.VaultAbstract, {
+        supportedFieldTypes: ["char"],
+        events: _.extend({}, basic_fields.InputField.prototype.events, {
+            "click .o_vault_show": "_onShowValue",
+            "click .o_vault_clipboard": "_onCopyValue",
+        }),
+        template: "FieldPinVault",
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
+        },
+
+        /**
+         * Decrypt the value using the private key of the vault and slice it to
+         * the actual pin size because there is a salt following
+         *
+         * @private
+         * @param {String} data
+         * @returns the decrypted data
+         */
+        _decrypt: async function (data) {
+            if (!data) return data;
+
+            const private_key = await vault.get_private_key();
+            const plain = await utils.asym_decrypt(private_key, data);
+            return plain.slice(0, this.pin_size);
+        },
+
+        /**
+         * Render the decrypted value or the stars
+         *
+         * @private
+         */
+        _renderReadonly: function () {
+            this._renderValue(this.decrypted_value || "********");
+        },
+
+        /**
+         * Render the decrypted value or the stars
+         *
+         * @private
+         */
+        _renderEdit: function () {
+            this._renderValue(this.decrypted_value || "********");
+        },
+
+        /**
+         * Render the field using the template
+         *
+         * @private
+         * @param {String} value
+         */
+        _renderValue: function (value) {
+            this.$el.html(
+                QWeb.render(this.template, {
+                    widget: self,
+                    value: value,
+                    show: !this.decrypted,
+                })
+            );
+        },
+    });
+
+    // Widget used to create shared outgoing secrets encrypted with a pin
+    var VaultShareField = vault_fields.VaultField.extend(vault_fields.VaultAbstract, {
+        events: _.extend({}, vault_fields.VaultField.prototype.events, {
+            "click .o_vault_save": "_onSaveValue",
+        }),
+        template: "FieldVaultShare",
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
+            this.field_salt = this.attrs.salt || "salt";
+            this.field_pin = this.attrs.pin || "pin";
+        },
+
+        /**
+         * Encrypt the pin with a random salt to make it hard to guess him by
+         * encrypting every possilbilty with the public key. Store the pin in the
+         * proper field
+         *
+         * @private
+         */
+        _storePin: async function () {
+            const salt = utils.generate_iv_base64();
+            const crypted_pin = await utils.asym_encrypt(
+                await vault.get_public_key(),
+                this.pin + salt
+            );
+            this._setFieldValue(this.field_pin, crypted_pin);
+        },
+
+        /**
+         * Returns the pin from the class, record data, or generate a new pin if
+         * none s currently available
+         *
+         * @private
+         * @returns the pin
+         */
+        _getPin: async function () {
+            if (this.pin) return this.pin;
+
+            this.pin = this.recordData[this.field_pin];
+            if (this.pin) {
+                // Decrypt the pin and slice him to the configured pin size
+                const private_key = await vault.get_private_key();
+                const plain = await utils.asym_decrypt(private_key, this.pin);
+                this.pin = plain.slice(0, this.pin_size);
+                return this.pin;
+            }
+
+            // Generate a new pin and store it
+            this.pin = sh_utils.generate_pin(this.pin_size);
+            await this._storePin();
+            return this.pin;
+        },
+
+        /**
+         * Returns the salt from the class, record data, or generate a new salt if
+         * none is currently available
+         *
+         * @private
+         * @returns the salt
+         */
+        _getSalt: function () {
+            if (this.salt) return this.salt;
+
+            this.salt = this.recordData[this.field_salt];
+            if (this.salt) return this.salt;
+
+            // Generate a new salt and store him
+            this.salt = utils.toBase64(utils.generate_bytes(utils.SaltLength).buffer);
+            this._setFieldValue(this.field_salt, this.salt);
+            return this.salt;
+        },
+
+        /**
+         * Decrypt the encrypted data using the pin, IV and salt
+         *
+         * @private
+         * @param {String} crypted
+         */
+        _decrypt: async function (crypted) {
+            const iv = this._getIV();
+            const pin = await this._getPin();
+            const salt = utils.fromBase64(this._getSalt());
+
+            const key = await utils.derive_key(pin, salt, 4000);
+            return await utils.sym_decrypt(key, crypted, iv);
+        },
+
+        /**
+         * Encrypt the data using the pin, IV and salt
+         *
+         * @private
+         * @param {String} data
+         */
+        _encrypt: async function (data) {
+            const iv = this._getIV();
+            const pin = await this._getPin();
+            const salt = utils.fromBase64(this._getSalt());
+
+            const key = await utils.derive_key(pin, salt, 4000);
+            return await utils.sym_encrypt(key, data, iv);
+        },
+
+        /**
+         * Resets the content to the formated value in readonly mode.
+         *
+         * @override
+         * @private
+         */
+        _renderReadonly: function () {
+            this.$el.html(
+                QWeb.render(this.template, {
+                    widget: self,
+                    value: this.decrypted_value || "********",
+                    show: !this.decrypted,
+                })
+            );
+        },
+
+        /**
+         * @override
+         * @returns {String} the content of the input
+         */
+        _getValue: function () {
+            return this.$input.val();
+        },
+    });
+
+    // Widget used to view shared incoming secrets encrypted with public keys
+    var VaultShareFile = vault_fields.VaultFile.extend(vault_fields.VaultAbstract, {
+        store_model: "vault.file",
+        template: "FileVaultShare",
+        events: _.extend({}, vault_fields.VaultFile.prototype.events, {
+            "click .o_vault_save": "_onSaveValue",
+        }),
+
+        /**
+         * Prepare the widget by evaluating the field attributes and setting the defaults
+         *
+         * @override
+         */
+        init: function () {
+            this._super.apply(this, arguments);
+
+            this.field_key = this.attrs.key || "key";
+            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
+            this.field_salt = this.attrs.salt || "salt";
+            this.field_pin = this.attrs.pin || "pin";
+        },
+
+        /**
+         * Encrypt the pin with a random salt to make it hard to guess him by
+         * encrypting every possilbilty with the public key. Store the pin in the
+         * proper field
+         *
+         * @private
+         */
+        _storePin: async function () {
+            const salt = utils.generate_iv_base64();
+            const crypted_pin = await utils.asym_encrypt(
+                await vault.get_public_key(),
+                this.pin + salt
+            );
+            this._setFieldValue(this.field_pin, crypted_pin);
+        },
+
+        /**
+         * Returns the pin from the class, record data, or generate a new pin if
+         * none s currently available
+         *
+         * @private
+         * @returns the pin
+         */
+        _getPin: async function () {
+            if (this.pin) return this.pin;
+
+            this.pin = this.recordData[this.field_pin];
+            if (this.pin) {
+                // Decrypt the pin and slice him to the configured pin size
+                const private_key = await vault.get_private_key();
+                const plain = await utils.asym_decrypt(private_key, this.pin);
+                this.pin = plain.slice(0, this.pin_size);
+                return this.pin;
+            }
+
+            // Generate a new pin and store it
+            this.pin = sh_utils.generate_pin(this.pin_size);
+            await this._storePin();
+            return this.pin;
+        },
+
+        /**
+         * Returns the salt from the class, record data, or generate a new salt if
+         * none is currently available
+         *
+         * @private
+         * @returns the salt
+         */
+        _getSalt: function () {
+            if (this.salt) return this.salt;
+
+            this.salt = this.recordData[this.field_salt];
+            if (this.salt) return this.salt;
+
+            // Generate a new salt and store him
+            this.salt = utils.toBase64(utils.generate_bytes(utils.SaltLength).buffer);
+            this._setFieldValue(this.field_salt, this.salt);
+            return this.salt;
+        },
+
+        _renderReadonly: function () {
+            this.do_toggle(Boolean(this.value));
+            if (this.value) {
+                this.$el.html(
+                    QWeb.render(this.template, {
+                        widget: this,
+                        filename: this.filename_value,
+                    })
+                );
+
+                const $el = this.$(".link");
+                if (this.recordData.id) $el.css("cursor", "pointer");
+                else $el.css("cursor", "not-allowed");
+            }
+        },
+
+        /**
+         * Decrypt the encrypted data using the pin, IV and salt
+         *
+         * @private
+         * @param {String} crypted
+         */
+        _decrypt: async function (crypted) {
+            const iv = this._getIV();
+            const pin = await this._getPin();
+            const salt = utils.fromBase64(this._getSalt());
+
+            const key = await utils.derive_key(pin, salt, 4000);
+            return await utils.sym_decrypt(key, crypted, iv);
+        },
+
+        /**
+         * Encrypt the data using the pin, IV and salt
+         *
+         * @private
+         * @param {String} data
+         */
+        _encrypt: async function (data) {
+            const iv = this._getIV();
+            const pin = await this._getPin();
+            const salt = utils.fromBase64(this._getSalt());
+
+            const key = await utils.derive_key(pin, salt, 4000);
+            return await utils.sym_encrypt(key, data, iv);
+        },
+    });
+
+    registry.add("vault_pin", VaultPinField);
+    registry.add("vault_share", VaultShareField);
+    registry.add("vault_share_file", VaultShareFile);
+});
diff --git a/vault_share/static/src/js/vault_utils.js b/vault_share/static/src/js/vault_utils.js
new file mode 100644
index 0000000000..c85a522f3d
--- /dev/null
+++ b/vault_share/static/src/js/vault_utils.js
@@ -0,0 +1,19 @@
+// © 2021 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+odoo.define("vault.share.utils", function (require) {
+    "use strict";
+
+    const PinSize = 5;
+
+    var utils = require("vault.utils");
+
+    function generate_pin(pin_size) {
+        return utils.generate_secret(pin_size, "0123456789");
+    }
+
+    return {
+        PinSize: PinSize,
+        generate_pin: generate_pin,
+    };
+});
diff --git a/vault_share/static/src/scss/vault_share.scss b/vault_share/static/src/scss/vault_share.scss
new file mode 100644
index 0000000000..09e4e6b160
--- /dev/null
+++ b/vault_share/static/src/scss/vault_share.scss
@@ -0,0 +1,3 @@
+.o_vault_share {
+    white-space: pre-wrap;
+}
diff --git a/vault_share/static/src/xml/templates.xml b/vault_share/static/src/xml/templates.xml
new file mode 100644
index 0000000000..0f6f2334a6
--- /dev/null
+++ b/vault_share/static/src/xml/templates.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<templates id="template" xml:space="preserve">
+    <t t-name="FieldVaultShare">
+        <input class="o_vault_share" t-if="widget.mode == 'edit'" t-esc="value" />
+        <div class="o_vault" t-else="">
+            <t t-call="vault.buttons" />
+            <button
+                class="btn fa fa-save o_vault_save"
+                title="Save in a vault"
+                aria-label="Save in a vault"
+            />
+
+            <span class="o_vault_share" t-esc="value" />
+        </div>
+    </t>
+
+    <t t-name="FileVaultShare">
+        <t t-if="widget.mode == 'edit'" t-call="FieldBinaryFile" />
+        <div class="o_vault" t-else="">
+            <button
+                class="btn fa fa-save o_vault_save"
+                title="Save in a vault"
+                aria-label="Save in a vault"
+            />
+
+            <span class="link"><span class="fa fa-download" /> <t
+                    t-esc="filename"
+                /></span>
+        </div>
+    </t>
+
+    <t t-name="FieldPinVault">
+        <div class="o_vault">
+            <t t-call="vault.buttons" />
+            <span class="o_vault_value" t-esc="value" />
+        </div>
+    </t>
+
+    <t t-extend="FieldVault">
+        <t t-jquery="span.o_vault_value" t-operation="before">
+            <button
+                class="btn fa fa-external-link o_vault_share"
+                title="Share the secret with an external user"
+                aria-label="Share the secret with an external user"
+            />
+        </t>
+    </t>
+</templates>
diff --git a/vault_share/tests/__init__.py b/vault_share/tests/__init__.py
new file mode 100644
index 0000000000..a2758c5219
--- /dev/null
+++ b/vault_share/tests/__init__.py
@@ -0,0 +1,4 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import test_share
diff --git a/vault_share/tests/test_share.py b/vault_share/tests/test_share.py
new file mode 100644
index 0000000000..cac8a41c2c
--- /dev/null
+++ b/vault_share/tests/test_share.py
@@ -0,0 +1,44 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from datetime import datetime
+from uuid import uuid4
+
+from odoo.tests import TransactionCase
+
+_logger = logging.getLogger(__name__)
+
+
+class TestShare(TransactionCase):
+    def test_share(self):
+        user = self.env.user
+        model = self.env["vault.share"]
+        vals = {
+            "name": f"Share {user.name}",
+            "secret": "secret",
+            "salt": "sa17",
+            "iv": "1v",
+            "pin": "12345",
+        }
+
+        share = model.create(vals)
+        self.assertEqual(share, model.get(share.token))
+        self.assertIn(share.token, share.share_link)
+
+        # Nothing should happen
+        model.clean()
+        self.assertEqual(share, model.get(share.token))
+
+        # Deletion because of accesses
+        share = model.create(vals)
+        share.accesses = 0
+        self.assertEqual(None, model.get(share.token))
+
+        # Deletion because of expiration
+        share = model.create(vals)
+        share.expiration = datetime(1970, 1, 1)
+        self.assertEqual(None, model.get(share.token))
+
+        # Search for invalid token
+        self.assertEqual(model, model.get(uuid4()))
diff --git a/vault_share/views/assets.xml b/vault_share/views/assets.xml
new file mode 100644
index 0000000000..905f8fd346
--- /dev/null
+++ b/vault_share/views/assets.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <template id="assets_backend" inherit_id="web.assets_backend">
+        <xpath expr="." position="inside">
+            <script
+                type="text/javascript"
+                src="/vault_share/static/src/js/vault_fields.js"
+            />
+            <script
+                type="text/javascript"
+                src="/vault_share/static/src/js/vault_share_widget.js"
+            />
+            <script
+                type="text/javascript"
+                src="/vault_share/static/src/js/vault_utils.js"
+            />
+            <link
+                rel="stylesheet"
+                type="text/scss"
+                href="/vault_share/static/src/scss/vault_share.scss"
+            />
+        </xpath>
+    </template>
+
+    <template id="share_frontend">
+        <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
+        <script
+            type="text/javascript"
+            src="/vault_share/static/src/js/vault_share.js"
+        />
+    </template>
+</odoo>
diff --git a/vault_share/views/menuitems.xml b/vault_share/views/menuitems.xml
new file mode 100644
index 0000000000..add9343225
--- /dev/null
+++ b/vault_share/views/menuitems.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="action_vault_share" model="ir.actions.act_window">
+        <field name="name">Shares</field>
+        <field name="res_model">vault.share</field>
+        <field name="view_mode">tree,form</field>
+    </record>
+
+    <menuitem
+        id="menu_vault_share"
+        groups="base.group_user"
+        parent="vault.menu_vault"
+        action="action_vault_share"
+        sequence="60"
+    />
+</odoo>
diff --git a/vault_share/views/templates.xml b/vault_share/views/templates.xml
new file mode 100644
index 0000000000..65aa8a8f6c
--- /dev/null
+++ b/vault_share/views/templates.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <template id="share">
+        <t t-call="web.login_layout">
+            <t t-call-assets="vault_share.share_frontend" t-css="false" />
+
+            <input type="hidden" id="encrypted" t-att-value="encrypted" />
+            <input type="hidden" id="encrypted_file" t-att-value="encrypted_file" />
+            <input type="hidden" id="filename" t-att-value="filename" />
+            <input type="hidden" id="salt" t-att-value="salt" />
+            <input type="hidden" id="iv" t-att-value="iv" />
+
+            <div class="form-group">
+                <label for="pin">Enter the pin:</label>
+                <input type="text" id="pin" class="form-control" />
+            </div>
+
+            <p class="alert alert-danger" t-if="error" role="alert" t-esc="error" />
+            <p
+                class="alert alert-success"
+                t-if="message"
+                role="status"
+                t-esc="message"
+            />
+
+            <div class="form-group" t-if="encrypted">
+                <label for="secret">Shared secret:</label>
+                <input
+                    type="text"
+                    id="secret"
+                    readonly="readonly"
+                    class="alert alert-danger col-12"
+                />
+            </div>
+
+            <div class="form-group" t-if="encrypted_file">
+                <label for="secret">Shared file:</label><vr /><a
+                    href=""
+                    id="secret_file"
+                />
+            </div>
+        </t>
+    </template>
+</odoo>
diff --git a/vault_share/views/vault_share_views.xml b/vault_share/views/vault_share_views.xml
new file mode 100644
index 0000000000..4b3ef95a93
--- /dev/null
+++ b/vault_share/views/vault_share_views.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="view_vault_share_tree" model="ir.ui.view">
+        <field name="model">vault.share</field>
+        <field name="arch" type="xml">
+            <tree>
+                <field name="name" />
+            </tree>
+        </field>
+    </record>
+
+    <record id="view_vault_share_form" model="ir.ui.view">
+        <field name="model">vault.share</field>
+        <field name="arch" type="xml">
+            <form>
+                <sheet>
+                    <group>
+                        <field name="token" invisible="1" />
+                        <field name="iv" invisible="1" />
+                        <field name="salt" invisible="1" />
+                        <field name="filename" invisible="1" />
+
+                        <field name="name" />
+                        <field name="share_link" widget="url" />
+                        <field name="pin" widget="vault_pin" />
+                        <field name="expiration" />
+                        <field name="accesses" />
+                        <field name="secret" widget="vault_share" />
+                        <field
+                            name="secret_file"
+                            filename="filename"
+                            widget="vault_share_file"
+                        />
+                    </group>
+                </sheet>
+            </form>
+        </field>
+    </record>
+</odoo>

From 8ffcafb3c0439df696bf29ed12cbfef74638c6ce Mon Sep 17 00:00:00 2001
From: oca-travis <oca+oca-travis@odoo-community.org>
Date: Tue, 21 Sep 2021 14:17:47 +0000
Subject: [PATCH 02/71] Update vault.pot

---
 vault/i18n/vault.pot | 1211 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1211 insertions(+)
 create mode 100644 vault/i18n/vault.pot

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
new file mode 100644
index 0000000000..4abdf1abe2
--- /dev/null
+++ b/vault/i18n/vault.pot
@@ -0,0 +1,1211 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 14.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "A-Z"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault_field.py:0
+#: model:ir.model,name:vault.model_vault_abstract_field
+#, python-format
+msgid "Abstract model to implement basic fields for encryption"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#: model:ir.model,name:vault.model_vault_abstract
+#, python-format
+msgid "Abstract model to implement general access rights"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__accesses
+msgid "Access counter"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__active_key
+msgid "Active Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_delete
+msgid "Allow to delete a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_share
+msgid "Allow to share a vault with new users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_write
+msgid "Allow to write to the vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_delete
+msgid "Allowed Delete"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_read
+msgid "Allowed Read"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_share
+msgid "Allowed Share"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_write
+msgid "Allowed Write"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "An error occured. Please contact the user or administrator"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By user"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By vault"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+#, python-format
+msgid "Cancel"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Cancelled"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Characters:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__child_ids
+msgid "Child"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Childs"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_export_wizard
+msgid "Close"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+msgid "Complete Name"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Confirm your password:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Content"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Copy to clipboard"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_uid
+msgid "Created by"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
+#: model:ir.model.fields,field_description:vault.field_vault__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_date
+msgid "Created on"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__crypted_content
+msgid "Crypted Content"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__current
+msgid "Current"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Custom JSON format <b>.json</b>"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__content
+msgid "Database"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_delete
+msgid "Delete"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__display_name
+#: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
+#: model:ir.model.fields,field_description:vault.field_vault__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_log__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_right__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__display_name
+msgid "Display Name"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_controller.js:0
+#, python-format
+msgid "Do you really want to create a new key pair and set it active?"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__content
+msgid "Download"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Enter"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Enter your password:"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_open_entries
+#: model:ir.actions.act_window,name:vault.action_vault_entry
+#: model:ir.model.fields,field_description:vault.field_vault__entry_ids
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__entry_id
+#: model:ir.ui.menu,name:vault.menu_vault_entry
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Entries"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__entry_id
+msgid "Entry"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model,name:vault.model_vault_entry
+#, python-format
+msgid "Entry inside a vault"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Error"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__expiration
+msgid "Expiration"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expired
+msgid "Expired"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expire_date
+msgid "Expires on"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Export to file"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_export_wizard.py:0
+#: model:ir.model,name:vault.model_vault_export_wizard
+#, python-format
+msgid "Export wizard for vaults"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to export keys to object store"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to export the keys to the database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to import keys from database"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_field.py:0
+#: model:ir.model,name:vault.model_vault_field
+#, python-format
+msgid "Field of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__field_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__field_ids
+msgid "Fields"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_file.py:0
+#: model:ir.model,name:vault.model_vault_file
+#, python-format
+msgid "File of a vault"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "File to share:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__filename
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__filename
+msgid "Filename"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__file_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__file_ids
+msgid "Files"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__fingerprint
+msgid "Fingerprint"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Generate"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Generate a new secret:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "Grouped"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Hide"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__id
+#: model:ir.model.fields,field_description:vault.field_res_users_key__id
+#: model:ir.model.fields,field_description:vault.field_vault__id
+#: model:ir.model.fields,field_description:vault.field_vault_abstract__id
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_field__id
+#: model:ir.model.fields,field_description:vault.field_vault_file__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__id
+#: model:ir.model.fields,field_description:vault.field_vault_log__id
+#: model:ir.model.fields,field_description:vault.field_vault_right__id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_tag__id
+msgid "ID"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__expiration
+msgid "If expired the inbox will be read-only for the owner."
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__accesses
+msgid "If this is 0 the inbox will be read-only for the owner."
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Import"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Import from file"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard
+#, python-format
+msgid "Import wizard for vaults"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard_path
+#, python-format
+msgid "Import wizard path for vaults"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.ui.menu,name:vault.menu_vault_inbox
+msgid "Inbox"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_enabled
+msgid "Inbox Enabled"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_link
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__inbox_link
+msgid "Inbox Link"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_token
+msgid "Inbox Token"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__include_childs
+msgid "Include Childs"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Information"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#, python-format
+msgid "Invalid file to import from"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#: code:addons/vault/models/res_users_key.py:0
+#, python-format
+msgid "Invalid parameter"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
+msgid "Iterations"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iv
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_file__iv
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__iv
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__iv
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__iv
+msgid "Iv"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Keepass Database <b>.kdbx</b>"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__key
+#: model:ir.model.fields,field_description:vault.field_vault_right__key
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__key
+msgid "Key"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Key Management"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key_user
+msgid "Key User"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Keyfile:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__keys
+msgid "Keys"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users____last_update
+#: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
+#: model:ir.model.fields,field_description:vault.field_vault____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_entry____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_field____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_file____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_log____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_right____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_tag____last_update
+msgid "Last Modified on"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_uid
+msgid "Last Updated by"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_date
+#: model:ir.model.fields,field_description:vault.field_vault__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_date
+msgid "Last Updated on"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Length:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__log_ids
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Log"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#: model:ir.model,name:vault.model_vault_log
+#, python-format
+msgid "Log entry of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_res_users_keys
+msgid "Manage my keys"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_file__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_right__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__master_key
+msgid "Master Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__message
+msgid "Message"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Missing filename"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Missing password"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__model
+msgid "Model"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_file__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__name
+msgid "Name"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Name of your secret:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New inbox link"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New private key"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "No secret found"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
+#: model:ir.model.constraint,message:vault.constraint_vault_send_wizard_value_check
+#, python-format
+msgid "No value found"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__note
+#: model:ir.model.fields,field_description:vault.field_vault_entry__note
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Note"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__user_id
+msgid "Owner"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__parent_id
+msgid "Parent"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__parent_id
+msgid "Parent Entry"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Password:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__path
+msgid "Path to import"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_entry__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_file__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_user
+msgid "Perm User"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_export.js:0
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Please enter the password for the database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Please enter the password for the keepass database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Please enter the password for your private key"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Please enter your password or upload a keyfile:"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Please specify a name"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__private
+msgid "Private"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__public
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__public
+msgid "Public"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__public_key
+msgid "Public Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_right
+#: model:ir.model.fields,field_description:vault.field_vault__right_ids
+#: model:ir.ui.menu,name:vault.menu_vault_right
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Rights"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Save As..."
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret_file
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret_file
+msgid "Secret File"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret_temporary
+msgid "Secret Temporary"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret to share:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid "Send"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Send the secret to an user"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Send the secret to another user"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_share
+msgid "Share"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Show"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Something went wrong with the encryption"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Special"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__state
+msgid "State"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "Store"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Store the secret in a vault"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Submit secret"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Successfully stored"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__tags
+msgid "Tags"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
+#: model:ir.model.constraint,message:vault.constraint_vault_uuid_uniq
+#, python-format
+msgid "The UUID must be unique."
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "The field is empty, there's nothing to save!"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "The files must end on one of the supported file type:"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "The passwords aren't matching"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#, python-format
+msgid ""
+"The requested operation can not be completed due to security restrictions."
+msgstr ""
+
+#. module: vault
+#: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
+msgid "The tag must be unique!"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
+msgid "The user must be unique"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_controller.js:0
+#, python-format
+msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__token
+msgid "Token"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Unsupported file to import"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__url
+msgid "Url"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__user_id
+msgid "User"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#: model:ir.model,name:vault.model_res_users_key
+#, python-format
+msgid "User data of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model,name:vault.model_res_users
+msgid "Users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
+msgid ""
+"Using this link you can write to the current inbox. If you want people to "
+"create new inboxes you should give them your inbox link from your key "
+"management."
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__uuid
+#: model:ir.model.fields,field_description:vault.field_vault__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__uuid
+msgid "Uuid"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_field__value
+#: model:ir.model.fields,field_description:vault.field_vault_file__value
+msgid "Value"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: model:ir.actions.act_window,name:vault.action_vault
+#: model:ir.model,name:vault.model_vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__vault_id
+#: model:ir.ui.menu,name:vault.menu_vault
+#, python-format
+msgid "Vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
+msgid "Vault Right"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_right.py:0
+#: model:ir.model,name:vault.model_vault_right
+#, python-format
+msgid "Vault rights"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: model:ir.model,name:vault.model_vault_inbox
+#, python-format
+msgid "Vault share incoming secrets"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_tag.py:0
+#: model:ir.model,name:vault.model_vault_tag
+#, python-format
+msgid "Vault tag"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_store_wizard.py:0
+#: model:ir.model,name:vault.model_vault_store_wizard
+#, python-format
+msgid "Wizard store a shared secret in a vault"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model,name:vault.model_vault_send_wizard
+#, python-format
+msgid "Wizard to send another user a secret"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_write
+msgid "Write"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid ""
+"You can only send the secret to the user who has generated a key-pair.\n"
+"                        If an user is not showing please ask him to generate these."
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "a-z"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "or"
+msgstr ""

From fdfac4a752670f411efe31f2f63069bf5e1529cb Mon Sep 17 00:00:00 2001
From: oca-travis <oca+oca-travis@odoo-community.org>
Date: Tue, 21 Sep 2021 14:17:48 +0000
Subject: [PATCH 03/71] Update vault_share.pot

---
 vault_share/i18n/vault_share.pot | 208 +++++++++++++++++++++++++++++++
 1 file changed, 208 insertions(+)
 create mode 100644 vault_share/i18n/vault_share.pot

diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
new file mode 100644
index 0000000000..9ab807534b
--- /dev/null
+++ b/vault_share/i18n/vault_share.pot
@@ -0,0 +1,208 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault_share
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 14.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
+msgid "Access counter"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
+#: model:ir.cron,cron_name:vault_share.cron_share_clean
+#: model:ir.cron,name:vault_share.cron_share_clean
+msgid "Clean outgoing share"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
+msgid "Created by"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
+msgid "Created on"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
+msgid "Display Name"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Enter the pin:"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
+msgid "Expiration"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
+msgid "Filename"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
+msgid "ID"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
+msgid "Iv"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
+msgid "Last Modified on"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
+msgid "Last Updated by"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
+msgid "Last Updated on"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
+msgid "Name"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
+#, python-format
+msgid "No value found"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
+msgid "Pin"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
+msgid "Secret"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
+msgid "Secret File"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
+msgid "Share URL"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/js/vault_fields.js:0
+#, python-format
+msgid "Share the secret"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#, python-format
+msgid "Share the secret with an external user"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared file:"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared secret:"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.actions.act_window,name:vault_share.action_vault_share
+#: model:ir.ui.menu,name:vault_share.menu_vault_share
+msgid "Shares"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
+msgid "Specifies how long a share can be accessed until deletion."
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
+msgid "Specifies how often a share can be accessed before deletion."
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__pin
+msgid "The pin needed to decrypt the share."
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "The secret expired"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
+msgid "Token"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
+msgid "User"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
+msgid "Using this link and pin people can access the secret."
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model,name:vault_share.model_vault_share
+#, python-format
+msgid "Vault share outgoing secrets"
+msgstr ""

From 69ba2230268787fc7d2377345841a0e1585bbfc7 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Tue, 21 Sep 2021 14:53:35 +0000
Subject: [PATCH 04/71] README.rst

---
 vault/README.rst                          |  87 +++++
 vault/static/description/index.html       | 437 ++++++++++++++++++++++
 vault_share/README.rst                    |  78 ++++
 vault_share/static/description/index.html | 412 ++++++++++++++++++++
 4 files changed, 1014 insertions(+)
 create mode 100644 vault/README.rst
 create mode 100644 vault/static/description/index.html
 create mode 100644 vault_share/README.rst
 create mode 100644 vault_share/static/description/index.html

diff --git a/vault/README.rst b/vault/README.rst
new file mode 100644
index 0000000000..401452e0e8
--- /dev/null
+++ b/vault/README.rst
@@ -0,0 +1,87 @@
+=====
+Vault
+=====
+
+.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/14.0/vault
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
+    :target: https://runbot.odoo-community.org/runbot/251/14.0
+    :alt: Try me on Runbot
+
+|badge1| |badge2| |badge3| |badge4| |badge5| 
+
+This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.
+
+The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Known issues / Roadmap
+======================
+
+* Field and file history for restoration
+
+* Import improvement
+
+ * Support challenge-response/FIDO2
+ * Support for argon2 and kdbx v4
+
+* Properly handle missing Crypto API because no https
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* initOS GmbH
+
+Contributors
+~~~~~~~~~~~~
+
+* Florian Kantelberg <florian.kantelberg@initos.com>
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/vault>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
new file mode 100644
index 0000000000..98c16a698a
--- /dev/null
+++ b/vault/static/description/index.html
@@ -0,0 +1,437 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
+<title>Vault</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+
+See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: grey; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="vault">
+<h1 class="title">Vault</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
+<p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#known-issues-roadmap" id="id1">Known issues / Roadmap</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="id2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="id3">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="id4">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="id5">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="id6">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="known-issues-roadmap">
+<h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
+<ul class="simple">
+<li>Field and file history for restoration</li>
+<li>Import improvement</li>
+</ul>
+<blockquote>
+<ul class="simple">
+<li>Support challenge-response/FIDO2</li>
+<li>Support for argon2 and kdbx v4</li>
+</ul>
+</blockquote>
+<ul class="simple">
+<li>Properly handle missing Crypto API because no https</li>
+</ul>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#id2">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#id3">Credits</a></h1>
+<div class="section" id="authors">
+<h2><a class="toc-backref" href="#id4">Authors</a></h2>
+<ul class="simple">
+<li>initOS GmbH</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2><a class="toc-backref" href="#id5">Contributors</a></h2>
+<ul class="simple">
+<li>Florian Kantelberg &lt;<a class="reference external" href="mailto:florian.kantelberg&#64;initos.com">florian.kantelberg&#64;initos.com</a>&gt;</li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#id6">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault">OCA/server-auth</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/vault_share/README.rst b/vault_share/README.rst
new file mode 100644
index 0000000000..79c29aa762
--- /dev/null
+++ b/vault_share/README.rst
@@ -0,0 +1,78 @@
+=============
+Vault - Share
+=============
+
+.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/14.0/vault_share
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault_share
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
+    :target: https://runbot.odoo-community.org/runbot/251/14.0
+    :alt: Try me on Runbot
+
+|badge1| |badge2| |badge3| |badge4| |badge5| 
+
+This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.
+
+Share
+=====
+
+This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn't be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* initOS GmbH
+
+Contributors
+~~~~~~~~~~~~
+
+* Florian Kantelberg <florian.kantelberg@initos.com>
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/vault_share>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault_share/static/description/index.html b/vault_share/static/description/index.html
new file mode 100644
index 0000000000..915b781b46
--- /dev/null
+++ b/vault_share/static/description/index.html
@@ -0,0 +1,412 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
+<title>Vault - Share</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+
+See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: grey; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="vault-share">
+<h1 class="title">Vault - Share</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p>This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.</p>
+<div class="section" id="share">
+<h1>Share</h1>
+<p>This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn’t be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.</p>
+<p><strong>Table of contents</strong></p>
+</div>
+<div class="section" id="bug-tracker">
+<h1>Bug Tracker</h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1>Credits</h1>
+<div class="section" id="authors">
+<h2>Authors</h2>
+<ul class="simple">
+<li>initOS GmbH</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2>Contributors</h2>
+<ul class="simple">
+<li>Florian Kantelberg &lt;<a class="reference external" href="mailto:florian.kantelberg&#64;initos.com">florian.kantelberg&#64;initos.com</a>&gt;</li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2>Maintainers</h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault_share">OCA/server-auth</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>

From a4735994cd9eb7479daca34e32fc898a94ad9636 Mon Sep 17 00:00:00 2001
From: aromera <aromera@pmsastro.es>
Date: Thu, 30 Sep 2021 12:33:36 +0200
Subject: [PATCH 05/71] FIX vault: - Wrong field name

vault_controller
---
 vault/controllers/main.py               | 2 +-
 vault/static/src/js/vault_controller.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index 3338ad5426..6228c22a47 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -73,7 +73,7 @@ def vault_public(self, user_id):
         if not user or not user.keys:
             return {}
 
-        return {"public_key": user.active_keys.public}
+        return {"public_key": user.active_key.public}
 
     @http.route("/vault/keys/store", auth="user", type="json")
     def vault_store_keys(self, **kwargs):
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/js/vault_controller.js
index 4df1dc520e..2b78c14674 100644
--- a/vault/static/src/js/vault_controller.js
+++ b/vault/static/src/js/vault_controller.js
@@ -284,7 +284,7 @@ odoo.define("vault.controller", function (require) {
                     ),
                     {
                         confirm_callback: async function () {
-                            await this._deleteVaultRight(
+                            await self._deleteVaultRight(
                                 record,
                                 changes.right_ids,
                                 options

From 4807043f397cd81d4a19507a51228c667d76879f Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Tue, 5 Oct 2021 13:35:28 +0000
Subject: [PATCH 06/71] vault 14.0.1.5.1

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 9154b86381..d2cfa8f47b 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.5.0",
+    "version": "14.0.1.5.1",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From eb897864c3e1b1f309da0f76cc883b5cb0a472f6 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Wed, 27 Oct 2021 18:32:33 +0200
Subject: [PATCH 07/71] General fixes and improvements of the vault - Send
 wizard couldn't select all possible users due to access rights - Disable the
 features if browser isn't using a secure context (https/localhost) - Load
 required assets in inbox and share frontends - Allow the user to switch a
 parent of an entry within the same vault - Allow to create entries for vaults
 using the main menu Entries - Fix bug that encrypted a share twice due to
 multiple extension with VaultAbstract - Fix a bug on share create that throws
 a warning about changed values

---
 vault/__manifest__.py                         |   3 +-
 vault/controllers/main.py                     |  12 +-
 vault/i18n/vault.pot                          |  10 +
 vault/models/__init__.py                      |   2 +
 vault/models/abstract_vault.py                |  12 +-
 vault/models/abstract_vault_field.py          |   1 +
 vault/models/res_config_settings.py           |  10 +
 vault/models/res_users.py                     |   4 +-
 vault/models/vault.py                         |   6 +
 vault/models/vault_entry.py                   |  32 +++-
 vault/models/vault_inbox.py                   |  34 +++-
 vault/models/vault_inbox_log.py               |  22 +++
 vault/models/vault_right.py                   |  18 +-
 vault/models/vault_tag.py                     |   2 +-
 vault/readme/DESCRIPTION.rst                  |   2 +
 vault/readme/ROADMAP.rst                      |   4 +-
 vault/security/ir.model.access.csv            |   1 +
 vault/security/ir_rule.xml                    |  23 +++
 vault/static/src/js/vault.js                  |   2 +
 vault/static/src/js/vault_controller.js       |   4 +
 vault/static/src/js/vault_export.js           |   2 +
 vault/static/src/js/vault_import.js           |   2 +
 vault/static/src/js/vault_inbox.js            |   9 +
 vault/static/src/js/vault_utils.js            |  13 +-
 vault/static/src/js/vault_widget.js           |  43 +++--
 vault/static/src/xml/templates.xml            |  22 ++-
 vault/tests/__init__.py                       |   9 +-
 vault/tests/test_controller.py                | 171 ++++++++++++++++++
 vault/tests/test_inbox.py                     |   4 +-
 vault/tests/test_rights.py                    |  14 ++
 vault/tests/test_user.py                      |   9 +-
 vault/tests/test_vault.py                     |  26 +++
 vault/views/assets.xml                        |   1 +
 vault/views/menuitems.xml                     |  12 +-
 vault/views/res_config_settings_views.xml     |  26 +++
 vault/views/res_users_views.xml               |   2 +-
 vault/views/templates.xml                     |   2 +
 vault/views/vault_entry_views.xml             |  52 ++++--
 vault/views/vault_inbox_views.xml             |  11 +-
 vault/views/vault_right_views.xml             |   7 +-
 vault/views/vault_views.xml                   |   1 +
 vault/wizards/vault_send_wizard.py            |  25 +--
 vault/wizards/vault_send_wizard.xml           |   5 +-
 vault/wizards/vault_store_wizard.xml          |   4 +-
 vault_share/__manifest__.py                   |   5 +-
 vault_share/controllers/main.py               |   3 +-
 vault_share/models/__init__.py                |   2 +-
 vault_share/models/res_company.py             |  10 +
 vault_share/models/res_config_settings.py     |  24 +++
 vault_share/models/vault_share.py             |  16 +-
 vault_share/models/vault_share_log.py         |  22 +++
 vault_share/security/ir.model.access.csv      |   1 +
 vault_share/security/ir_rule.xml              |  10 +
 vault_share/static/src/js/vault_share.js      |   4 +-
 .../static/src/js/vault_share_widget.js       |  16 +-
 vault_share/static/src/xml/templates.xml      |  15 +-
 vault_share/tests/test_share.py               |  63 +++++--
 vault_share/views/assets.xml                  |   1 +
 vault_share/views/menuitems.xml               |   2 +-
 .../views/res_config_settings_views.xml       |  18 ++
 vault_share/views/vault_share_views.xml       |  11 +-
 61 files changed, 786 insertions(+), 113 deletions(-)
 create mode 100644 vault/models/res_config_settings.py
 create mode 100644 vault/models/vault_inbox_log.py
 create mode 100644 vault/tests/test_controller.py
 create mode 100644 vault/views/res_config_settings_views.xml
 create mode 100644 vault_share/models/res_company.py
 create mode 100644 vault_share/models/res_config_settings.py
 create mode 100644 vault_share/models/vault_share_log.py
 create mode 100644 vault_share/views/res_config_settings_views.xml

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index d2cfa8f47b..1d823cb790 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.5.1",
+    "version": "14.0.1.6.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
@@ -15,6 +15,7 @@
         "security/ir.model.access.csv",
         "security/ir_rule.xml",
         "views/assets.xml",
+        "views/res_config_settings_views.xml",
         "views/res_users_views.xml",
         "views/vault_entry_views.xml",
         "views/vault_field_views.xml",
diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index 6228c22a47..2c170bb9b9 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -16,7 +16,6 @@ def vault_inbox(self, token):
         # Find the right token
         inbox = request.env["vault.inbox"].sudo().find_inbox(token)
         user = request.env["res.users"].sudo().find_user_of_inbox(token)
-        _logger.info("%s: %s", inbox, user)
         if len(inbox) == 1 and inbox.accesses > 0:
             ctx.update({"name": inbox.name, "public": inbox.user_id.active_key.public})
         elif len(inbox) == 0 and len(user) == 1:
@@ -55,7 +54,16 @@ def vault_inbox(self, token):
             return request.render("vault.inbox", ctx)
 
         try:
-            inbox.store_in_inbox(name, secret, secret_file, iv, key, user, filename)
+            inbox.store_in_inbox(
+                name,
+                secret,
+                secret_file,
+                iv,
+                key,
+                user,
+                filename,
+                ip=request.httprequest.remote_addr,
+            )
         except Exception as e:
             _logger.exception(e)
             ctx["error"] = _(
diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 4abdf1abe2..6e8292a62d 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -99,6 +99,16 @@ msgstr ""
 msgid "Allowed Write"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_create
+msgid "Allowed Create"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
diff --git a/vault/models/__init__.py b/vault/models/__init__.py
index 492cc527a4..d9d3e40ebe 100644
--- a/vault/models/__init__.py
+++ b/vault/models/__init__.py
@@ -4,6 +4,7 @@
 from . import (
     abstract_vault,
     abstract_vault_field,
+    res_config_settings,
     res_users,
     res_users_key,
     vault,
@@ -11,6 +12,7 @@
     vault_field,
     vault_file,
     vault_inbox,
+    vault_inbox_log,
     vault_log,
     vault_right,
     vault_tag,
diff --git a/vault/models/abstract_vault.py b/vault/models/abstract_vault.py
index 4e63e10b93..614173056d 100644
--- a/vault/models/abstract_vault.py
+++ b/vault/models/abstract_vault.py
@@ -12,7 +12,8 @@
 class AbstractVault(models.AbstractModel):
     """Models must have the following fields:
     `perm_user`: The permissions are computed for this user
-    `allowed_write`: The current user can read from the vault
+    `allowed_read`: The current user can read from the vault
+    `allowed_create`: The current user can read from the vault
     `allowed_write`: The current user has write access to the vault
     `allowed_share`: The current user can share the vault with other users
     `allowed_delete`: The current user can delete the vault or entries of it
@@ -41,10 +42,19 @@ def check_access_rule(self, operation):
             vault = self if self._name == "vault" else self.mapped("vault_id")
             vault._compute_access()
 
+        # Shortcut for vault.right because only the share right is required
+        if self._name == "vault.right":
+            if not self.filtered("allowed_share"):
+                self.raise_access_error()
+            return
+
         # Check the operation and matching permissions
         if operation == "read" and not self.filtered("allowed_read"):
             self.raise_access_error()
 
+        if operation == "create" and not self.filtered("allowed_create"):
+            self.raise_access_error()
+
         if operation == "write" and not self.filtered("allowed_write"):
             self.raise_access_error()
 
diff --git a/vault/models/abstract_vault_field.py b/vault/models/abstract_vault_field.py
index bb062c90a7..d819a32f91 100644
--- a/vault/models/abstract_vault_field.py
+++ b/vault/models/abstract_vault_field.py
@@ -18,6 +18,7 @@ class AbstractVaultField(models.AbstractModel):
 
     perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
     allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_create = fields.Boolean(related="vault_id.allowed_create", store=False)
     allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
     allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
     allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
diff --git a/vault/models/res_config_settings.py b/vault/models/res_config_settings.py
new file mode 100644
index 0000000000..00923c6c42
--- /dev/null
+++ b/vault/models/res_config_settings.py
@@ -0,0 +1,10 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import fields, models
+
+
+class ResConfigSettings(models.TransientModel):
+    _inherit = "res.config.settings"
+
+    module_vault_share = fields.Boolean()
diff --git a/vault/models/res_users.py b/vault/models/res_users.py
index 1c836c1914..11e52ecb5a 100644
--- a/vault/models/res_users.py
+++ b/vault/models/res_users.py
@@ -39,9 +39,9 @@ def _compute_inbox_link(self):
     def action_get_vault(self):
         return self.sudo().env.ref("vault.action_res_users_keys").read()[0]
 
-    def action_new_share_token(self):
+    def action_new_inbox_token(self):
         self.ensure_one()
-        self.inbox_token = uuid4()
+        self.sudo().inbox_token = uuid4()
         return {"type": "ir.actions.act_window_close"}
 
     @api.model
diff --git a/vault/models/vault.py b/vault/models/vault.py
index 873d10fe42..da6293792d 100644
--- a/vault/models/vault.py
+++ b/vault/models/vault.py
@@ -36,6 +36,7 @@ class Vault(models.Model):
     # Access control
     perm_user = fields.Many2one("res.users", compute="_compute_access", store=False)
     allowed_read = fields.Boolean(compute="_compute_access", store=False)
+    allowed_create = fields.Boolean(compute="_compute_access", store=False)
     allowed_share = fields.Boolean(compute="_compute_access", store=False)
     allowed_write = fields.Boolean(compute="_compute_access", store=False)
     allowed_delete = fields.Boolean(compute="_compute_access", store=False)
@@ -63,6 +64,7 @@ def _compute_access(self):
             if user == rec.user_id:
                 rec.write(
                     {
+                        "allowed_create": True,
                         "allowed_share": True,
                         "allowed_write": True,
                         "allowed_delete": True,
@@ -73,6 +75,9 @@ def _compute_access(self):
 
             rights = rec.right_ids
             rec.allowed_read = user in rights.mapped("user_id")
+            rec.allowed_create = user in rights.filtered("perm_create").mapped(
+                "user_id"
+            )
             rec.allowed_share = user in rights.filtered("perm_share").mapped("user_id")
             rec.allowed_write = user in rights.filtered("perm_write").mapped("user_id")
             rec.allowed_delete = user in rights.filtered("perm_delete").mapped(
@@ -100,6 +105,7 @@ def _get_default_rights(self):
                 0,
                 {
                     "user_id": self.env.uid,
+                    "perm_create": True,
                     "perm_write": True,
                     "perm_delete": True,
                     "perm_share": True,
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
index 1e829fe6e4..75efd376a9 100644
--- a/vault/models/vault_entry.py
+++ b/vault/models/vault_entry.py
@@ -6,6 +6,7 @@
 from uuid import uuid4
 
 from odoo import _, api, fields, models
+from odoo.exceptions import ValidationError
 
 _logger = logging.getLogger(__name__)
 
@@ -17,7 +18,12 @@ class VaultEntry(models.Model):
     _order = "complete_name"
     _rec_name = "complete_name"
 
-    parent_id = fields.Many2one("vault.entry", "Parent", ondelete="cascade")
+    parent_id = fields.Many2one(
+        "vault.entry",
+        "Parent",
+        ondelete="cascade",
+        domain="[('vault_id', '=', vault_id)]",
+    )
     child_ids = fields.One2many("vault.entry", "parent_id", "Child")
 
     vault_id = fields.Many2one("vault", "Vault", ondelete="cascade", required=True)
@@ -28,6 +34,7 @@ class VaultEntry(models.Model):
 
     perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
     allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_create = fields.Boolean(related="vault_id.allowed_create", store=False)
     allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
     allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
     allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
@@ -43,12 +50,21 @@ class VaultEntry(models.Model):
     note = fields.Text()
     tags = fields.Many2many("vault.tag")
     expire_date = fields.Datetime("Expires on", default=False)
-    expired = fields.Boolean(compute="_compute_expired", store=False)
+    expired = fields.Boolean(
+        compute="_compute_expired",
+        search="_search_expired",
+        store=False,
+    )
 
     _sql_constraints = [
         ("vault_uuid_uniq", "UNIQUE(vault_id, uuid)", _("The UUID must be unique.")),
     ]
 
+    @api.constrains("parent_id")
+    def _check_parent_id(self):
+        if not self._check_recursion():
+            raise ValidationError(_("You can not create recursive entries."))
+
     @api.depends("name", "parent_id.complete_name")
     def _compute_complete_name(self):
         for rec in self:
@@ -63,10 +79,20 @@ def _compute_expired(self):
         for rec in self:
             rec.expired = rec.expire_date and now > rec.expire_date
 
+    def _search_expired(self, operator, value):
+        if (operator not in ["=", "!="]) or (value not in [True, False]):
+            return []
+
+        if (operator, value) in [("=", True), ("!=", False)]:
+            return [("expire_date", "<", datetime.now())]
+
+        return ["|", ("expire_date", ">=", datetime.now()), ("expire_date", "=", False)]
+
     def log_change(self, action):
         self.ensure_one()
         self.log_info(
-            f"{action} entry {self.complete_name} by {self.env.user.display_name}"
+            _("%s entry %s by %s")
+            % (action, self.complete_name, self.env.user.display_name)
         )
 
     @api.model_create_single
diff --git a/vault/models/vault_inbox.py b/vault/models/vault_inbox.py
index c2471bfeb4..f4687d6e7a 100644
--- a/vault/models/vault_inbox.py
+++ b/vault/models/vault_inbox.py
@@ -14,7 +14,7 @@ class VaultInbox(models.Model):
     _name = "vault.inbox"
     _description = _("Vault share incoming secrets")
 
-    token = fields.Char(default=lambda self: uuid4(), readonly=True)
+    token = fields.Char(default=lambda self: uuid4(), readonly=True, copy=False)
     inbox_link = fields.Char(
         compute="_compute_inbox_link",
         readonly=True,
@@ -22,7 +22,11 @@ class VaultInbox(models.Model):
         "to create new inboxes you should give them your inbox link from your key "
         "management.",
     )
-    user_id = fields.Many2one("res.users", "Vault", required=True)
+    user_id = fields.Many2one(
+        "res.users",
+        "Vault",
+        required=True,
+    )
     name = fields.Char(required=True)
     secret = fields.Char(readonly=True)
     filename = fields.Char()
@@ -32,12 +36,13 @@ class VaultInbox(models.Model):
     accesses = fields.Integer(
         "Access counter",
         default=1,
-        help="If this is 0 the inbox will be read-only for the owner.",
+        help="If this is 0 the inbox can't be written using the link",
     )
     expiration = fields.Datetime(
         default=lambda self: datetime.now() + timedelta(days=7),
-        help="If expired the inbox will be read-only for the owner.",
+        help="If expired the inbox can't be written using the link",
     )
+    log_ids = fields.One2many("vault.inbox.log", "inbox_id", "Log", readonly=True)
 
     _sql_constraints = [
         (
@@ -63,8 +68,19 @@ def read(self, *args, **kwargs):
     def find_inbox(self, token):
         return self.search([("token", "=", token)])
 
-    def store_in_inbox(self, name, secret, secret_file, iv, key, user, filename):
+    def store_in_inbox(
+        self,
+        name,
+        secret,
+        secret_file,
+        iv,
+        key,
+        user,
+        filename,
+        ip=None,
+    ):
         if len(self) == 0:
+            log = _("Created by %s via %s") % (user.name, ip or "n/a")
             return self.create(
                 {
                     "name": name,
@@ -75,10 +91,17 @@ def store_in_inbox(self, name, secret, secret_file, iv, key, user, filename):
                     "secret_file": secret_file or None,
                     "filename": filename,
                     "user_id": user.id,
+                    "log_ids": [(0, 0, {"name": log})],
                 }
             )
 
+        self.ensure_one()
         if self.accesses > 0 and datetime.now() < self.expiration:
+            log = _("Written by %s via %s") % (
+                self.env.user.name,
+                ip or "n/a",
+            )
+
             self.write(
                 {
                     "accesses": self.accesses - 1,
@@ -87,6 +110,7 @@ def store_in_inbox(self, name, secret, secret_file, iv, key, user, filename):
                     "secret": secret or None,
                     "secret_file": secret_file or None,
                     "filename": filename,
+                    "log_ids": [(0, 0, {"name": log})],
                 }
             )
             return self
diff --git a/vault/models/vault_inbox_log.py b/vault/models/vault_inbox_log.py
new file mode 100644
index 0000000000..e072283624
--- /dev/null
+++ b/vault/models/vault_inbox_log.py
@@ -0,0 +1,22 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultInboxLog(models.Model):
+    _name = "vault.inbox.log"
+    _description = _("Vault inbox log")
+    _order = "create_date DESC"
+
+    inbox_id = fields.Many2one(
+        "vault.inbox",
+        ondelete="cascade",
+        readonly=True,
+        required=True,
+    )
+    name = fields.Char(readonly=True)
diff --git a/vault/models/vault_right.py b/vault/models/vault_right.py
index a4aa6caca2..20b1684814 100644
--- a/vault/models/vault_right.py
+++ b/vault/models/vault_right.py
@@ -19,9 +19,17 @@ class VaultRight(models.Model):
     )
     master_key = fields.Char(related="vault_id.master_key", readonly=True, store=False)
     user_id = fields.Many2one(
-        "res.users", "User", domain=[("keys", "!=", False)], required=True
+        "res.users",
+        "User",
+        domain=[("keys", "!=", False)],
+        required=True,
     )
     public_key = fields.Char(compute="_compute_public_key", readonly=True, store=False)
+    perm_create = fields.Boolean(
+        "Create",
+        default=lambda self: self._get_is_owner(),
+        help="Allow to create in the vault",
+    )
     perm_write = fields.Boolean(
         "Write",
         default=lambda self: self._get_is_owner(),
@@ -40,6 +48,7 @@ class VaultRight(models.Model):
 
     perm_user = fields.Many2one(related="vault_id.perm_user", store=False)
     allowed_read = fields.Boolean(related="vault_id.allowed_read", store=False)
+    allowed_create = fields.Boolean(related="vault_id.allowed_create", store=False)
     allowed_write = fields.Boolean(related="vault_id.allowed_write", store=False)
     allowed_share = fields.Boolean(related="vault_id.allowed_share", store=False)
     allowed_delete = fields.Boolean(related="vault_id.allowed_delete", store=False)
@@ -48,7 +57,7 @@ class VaultRight(models.Model):
     key = fields.Char()
 
     _sql_constraints = (
-        ("user_uniq", "UNIQUE(user_id, vault_id)", "The user must be unique"),
+        ("user_uniq", "UNIQUE(user_id, vault_id)", _("The user must be unique")),
     )
 
     def _get_is_owner(self):
@@ -66,7 +75,7 @@ def log_access(self):
                 ["read"]
                 + [
                     right
-                    for right in ["write", "share", "delete"]
+                    for right in ["create", "write", "share", "delete"]
                     if getattr(self, f"perm_{right}", False)
                 ]
             )
@@ -87,7 +96,8 @@ def create(self, values):
 
     def write(self, values):
         res = super().write(values)
-        if any(x in values for x in ["perm_write", "perm_delete", "perm_share"]):
+        perms = ["perm_write", "perm_delete", "perm_share", "perm_create"]
+        if any(x in values for x in perms):
             for rec in self:
                 rec.log_access()
 
diff --git a/vault/models/vault_tag.py b/vault/models/vault_tag.py
index 12aa3e6cb2..f50ae6de88 100644
--- a/vault/models/vault_tag.py
+++ b/vault/models/vault_tag.py
@@ -12,5 +12,5 @@ class VaultTag(models.Model):
     name = fields.Char(required=True)
 
     _sql_constraints = [
-        ("name_uniq", "unique(name)", "The tag must be unique!"),
+        ("name_uniq", "unique(name)", _("The tag must be unique!")),
     ]
diff --git a/vault/readme/DESCRIPTION.rst b/vault/readme/DESCRIPTION.rst
index ffccef96fe..3f156370e8 100644
--- a/vault/readme/DESCRIPTION.rst
+++ b/vault/readme/DESCRIPTION.rst
@@ -1,3 +1,5 @@
 This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.
 
 The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
+
+This modules requires a secure context for the browser to work properly.
diff --git a/vault/readme/ROADMAP.rst b/vault/readme/ROADMAP.rst
index bf394cbda4..63124da1f6 100644
--- a/vault/readme/ROADMAP.rst
+++ b/vault/readme/ROADMAP.rst
@@ -1,8 +1,8 @@
 * Field and file history for restoration
 
+* Send secrets directly to an inbox within Odoo
+
 * Import improvement
 
  * Support challenge-response/FIDO2
  * Support for argon2 and kdbx v4
-
-* Properly handle missing Crypto API because no https
diff --git a/vault/security/ir.model.access.csv b/vault/security/ir.model.access.csv
index 3d7db5d0b2..0863b98aa8 100644
--- a/vault/security/ir.model.access.csv
+++ b/vault/security/ir.model.access.csv
@@ -7,6 +7,7 @@ access_vault_file,access_vault_file,model_vault_file,base.group_user,1,1,1,1
 access_vault_import_wizard,access_vault_import_wizard,model_vault_import_wizard,base.group_user,1,1,1,1
 access_vault_import_wizard_path,access_vault_import_wizard_path,model_vault_import_wizard_path,base.group_user,1,1,1,1
 access_vault_inbox,access_vault_inbox,model_vault_inbox,base.group_user,1,1,1,1
+access_vault_inbox_log,access_vault_inbox_log,model_vault_inbox_log,base.group_user,1,1,1,1
 access_vault_log,access_vault_log,model_vault_log,base.group_user,1,0,0,0
 access_vault_right,access_vault_right,model_vault_right,base.group_user,1,1,1,1
 access_vault_send_wizard,access_vault_send_wizard,model_vault_send_wizard,base.group_user,1,1,1,1
diff --git a/vault/security/ir_rule.xml b/vault/security/ir_rule.xml
index 25707ba7b9..13f7cdb45f 100644
--- a/vault/security/ir_rule.xml
+++ b/vault/security/ir_rule.xml
@@ -85,4 +85,27 @@
         <field name="perm_unlink" eval="1" />
         <field name="perm_read" eval="1" />
     </record>
+
+    <record id="vault_right_access_default" model="ir.rule">
+        <field name="name">vault.right.access.default</field>
+        <field name="model_id" ref="vault.model_vault_right" />
+        <field
+            name="domain_force"
+        >[('vault_id.right_ids.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
+
+    <record id="vault_inbox_log_owner" model="ir.rule">
+        <field name="name">vault.inbox.log.access.owner</field>
+        <field name="model_id" ref="vault.model_vault_inbox_log" />
+        <field name="domain_force">[('inbox_id.user_id', '=', user.id)]</field>
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
 </odoo>
diff --git a/vault/static/src/js/vault.js b/vault/static/src/js/vault.js
index 70617a7548..2c4e16da40 100644
--- a/vault/static/src/js/vault.js
+++ b/vault/static/src/js/vault.js
@@ -57,6 +57,8 @@ odoo.define("vault", function (require) {
             var self = this;
 
             function waitAndCheck() {
+                if (!utils.supported()) return null;
+
                 if (odoo.isReady) self._initialize_keys();
                 else setTimeout(waitAndCheck, 500);
             }
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/js/vault_controller.js
index 2b78c14674..a0b0ee96da 100644
--- a/vault/static/src/js/vault_controller.js
+++ b/vault/static/src/js/vault_controller.js
@@ -103,6 +103,8 @@ odoo.define("vault.controller", function (require) {
          */
         _onGenerateKeys: async function (ev) {
             ev.stopPropagation();
+            if (!utils.supported()) return;
+
             var self = this;
 
             Dialog.confirm(
@@ -334,6 +336,8 @@ odoo.define("vault.controller", function (require) {
         _applyChanges: async function (dataPointID, changes, options) {
             const result = await this._super.apply(this, arguments);
 
+            if (!utils.supported()) return result;
+
             const record = this.model.get(dataPointID);
             if (record.model === "vault")
                 await this._applyChangesVault(record, changes, options);
diff --git a/vault/static/src/js/vault_export.js b/vault/static/src/js/vault_export.js
index 79f2f3885c..d74e2a6e31 100644
--- a/vault/static/src/js/vault_export.js
+++ b/vault/static/src/js/vault_export.js
@@ -124,6 +124,8 @@ odoo.define("vault.export", function (require) {
          * @returns the data importable by the backend or false on error
          */
         export: async function (master_key, filename, content) {
+            if (!utils.supported()) return false;
+
             if (filename.endsWith(".json"))
                 return await this._export_json(master_key, content);
             return false;
diff --git a/vault/static/src/js/vault_import.js b/vault/static/src/js/vault_import.js
index 5cdd8ee302..29b5ae1aba 100644
--- a/vault/static/src/js/vault_import.js
+++ b/vault/static/src/js/vault_import.js
@@ -247,6 +247,8 @@ odoo.define("vault.import", function (require) {
          * @returns the data importable by the backend or false on error
          */
         import: async function (master_key, filename, content) {
+            if (!utils.supported()) return false;
+
             if (filename.endsWith(".json"))
                 return await this._import_json(master_key, content);
             else if (filename.endsWith(".kdbx"))
diff --git a/vault/static/src/js/vault_inbox.js b/vault/static/src/js/vault_inbox.js
index 37ed894f96..5f4e757812 100644
--- a/vault/static/src/js/vault_inbox.js
+++ b/vault/static/src/js/vault_inbox.js
@@ -20,6 +20,7 @@ odoo.define("vault.inbox", function (require) {
         "encrypted_file",
         "filename",
         "secret_file",
+        "submit",
     ];
 
     function toggle_required(element, value) {
@@ -29,6 +30,8 @@ odoo.define("vault.inbox", function (require) {
 
     // Encrypt the value and store it in the right input field
     async function encrypt_and_store(value, target) {
+        if (!utils.supported()) return false;
+
         // Find all the possible elements which are needed
         for (const id of fields) if (!data[id]) data[id] = document.getElementById(id);
 
@@ -56,14 +59,19 @@ odoo.define("vault.inbox", function (require) {
     }
 
     document.getElementById("secret").onchange = async function () {
+        if (!utils.supported()) return false;
+
         if (!this.value) return;
 
         const required = await encrypt_and_store(this.value, "encrypted");
         toggle_required(data.secret, required);
         toggle_required(data.secret_file, !required);
+        data.submit.removeAttribute("disabled");
     };
 
     document.getElementById("secret_file").onchange = async function () {
+        if (!utils.supported()) return false;
+
         if (!this.files.length) return;
 
         const file = this.files[0];
@@ -74,5 +82,6 @@ odoo.define("vault.inbox", function (require) {
         toggle_required(data.secret, !required);
         toggle_required(data.secret_file, required);
         data.filename.value = file.name;
+        data.submit.removeAttribute("disabled");
     };
 });
diff --git a/vault/static/src/js/vault_utils.js b/vault/static/src/js/vault_utils.js
index 7f69772c79..e88fc38c64 100644
--- a/vault/static/src/js/vault_utils.js
+++ b/vault/static/src/js/vault_utils.js
@@ -1,8 +1,6 @@
 // © 2021 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-/* global Uint8Array */
-
 odoo.define("vault.utils", function (require) {
     "use strict";
 
@@ -34,6 +32,15 @@ odoo.define("vault.utils", function (require) {
         length: 256,
     };
 
+    /**
+     * Checks if the CryptoAPI is available and the vault feature supported
+     *
+     * @returns if vault is supported
+     */
+    function supported() {
+        return Boolean(CryptoAPI);
+    }
+
     /**
      * Converts an ArrayBuffer to an ASCII string
      *
@@ -573,5 +580,7 @@ odoo.define("vault.utils", function (require) {
         fromBinary: fromBinary,
         toBase64: toBase64,
         toBinary: toBinary,
+
+        supported: supported,
     };
 });
diff --git a/vault/static/src/js/vault_widget.js b/vault/static/src/js/vault_widget.js
index 5ef07b0429..011e57373e 100644
--- a/vault/static/src/js/vault_widget.js
+++ b/vault/static/src/js/vault_widget.js
@@ -1,8 +1,6 @@
 // © 2021 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-/* global ArrayBuffer, Uint8Array */
-
 odoo.define("vault.fields", function (require) {
     "use strict";
 
@@ -18,6 +16,9 @@ odoo.define("vault.fields", function (require) {
     var QWeb = core.qweb;
 
     var VaultAbstract = {
+        supported: function () {
+            return utils.supported();
+        },
         /**
          * Set the value by encrypting it
          *
@@ -28,9 +29,12 @@ odoo.define("vault.fields", function (require) {
         _setValue: function (value, options) {
             const self = this;
             const _super = this._super;
-            return this._encrypt(value).then(function (data) {
-                _super.call(self, data, options);
-            });
+
+            if (utils.supported()) {
+                return this._encrypt(value).then(function (data) {
+                    _super.call(self, data, options);
+                });
+            }
         },
 
         /**
@@ -55,6 +59,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the IV to use
          */
         _getIV: function () {
+            if (!utils.supported()) return null;
+
             // IV already read. Reuse it
             if (this.iv) return this.iv;
 
@@ -74,6 +80,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the master key to use
          */
         _getMasterKey: async function () {
+            if (!utils.supported()) return null;
+
             // Check if the master key is already extracted
             if (this.key) return await vault.unwrap(this.key);
 
@@ -180,6 +188,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the decrypted data
          */
         _decrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const key = await this._getMasterKey();
             return await utils.sym_decrypt(key, data, iv);
@@ -192,6 +202,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the encrypted data
          */
         _encrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const key = await this._getMasterKey();
             return await utils.sym_encrypt(key, data, iv);
@@ -266,6 +278,7 @@ odoo.define("vault.fields", function (require) {
          * @param {String} value to render
          */
         _renderValue: function (value) {
+            const self = this;
             this.$el.html(
                 QWeb.render(this.template, {
                     widget: self,
@@ -292,9 +305,11 @@ odoo.define("vault.fields", function (require) {
             this.$input.addClass("o_input");
             this.$input.attr(inputAttrs);
 
-            this._decrypt(this.value).then(function (data) {
-                self.$input.val(self._formatValue(data));
-            });
+            if (utils.supported()) {
+                this._decrypt(this.value).then(function (data) {
+                    self.$input.val(self._formatValue(data));
+                });
+            }
 
             return this.$input;
         },
@@ -337,7 +352,7 @@ odoo.define("vault.fields", function (require) {
                     _t("The field is empty, there's nothing to save!")
                 );
                 ev.stopPropagation();
-            } else if (this.res_id) {
+            } else if (this.res_id && utils.supported()) {
                 ev.stopPropagation();
 
                 const filename_fieldname = this.attrs.filename;
@@ -397,7 +412,7 @@ odoo.define("vault.fields", function (require) {
          * @param {OdooEvent} ev
          */
         on_save_as: async function (ev) {
-            if (this.value) {
+            if (this.value && utils.supported()) {
                 ev.stopPropagation();
 
                 const exporter = new Exporter();
@@ -424,7 +439,7 @@ odoo.define("vault.fields", function (require) {
         },
     });
 
-    var VaultInboxField = VaultField.extend(VaultAbstract, {
+    var VaultInboxField = VaultField.extend({
         store_model: "vault.field",
         events: _.extend({}, VaultField.prototype.events, {
             "click .o_vault_show": "_onShowValue",
@@ -454,6 +469,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the decrypted data
          */
         _decrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this.recordData[this.field_iv];
             const wrapped_key = this.recordData[this.field_key];
 
@@ -474,7 +491,7 @@ odoo.define("vault.fields", function (require) {
     });
 
     // Widget used to view shared incoming secrets encrypted with public keys
-    var VaultInboxFile = VaultFile.extend(VaultAbstract, {
+    var VaultInboxFile = VaultFile.extend({
         store_model: "vault.file",
         template: "FileVaultInbox",
         events: _.extend({}, VaultFile.prototype.events, {
@@ -517,6 +534,8 @@ odoo.define("vault.fields", function (require) {
          * @returns the decrypted data
          */
         _decrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this.recordData[this.field_iv];
             const wrapped_key = this.recordData[this.field_key];
 
diff --git a/vault/static/src/xml/templates.xml b/vault/static/src/xml/templates.xml
index f7cbeb3e7f..b6e8cb73b1 100644
--- a/vault/static/src/xml/templates.xml
+++ b/vault/static/src/xml/templates.xml
@@ -135,7 +135,10 @@
     </div>
 
     <t t-name="FieldVault">
-        <div class="o_vault" t-if="widget.mode == 'edit'">
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-elif="widget.mode == 'edit'">
             <button
                 class="btn fa fa-lock o_vault_generate"
                 title="Generate"
@@ -150,7 +153,10 @@
     </t>
 
     <t t-name="FieldVaultInbox">
-        <div class="o_vault">
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-else="">
             <t t-call="vault.buttons" />
             <button
                 class="btn fa fa-save o_vault_save"
@@ -163,16 +169,20 @@
     </t>
 
     <t t-name="FileVaultInbox">
-        <div class="o_vault">
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-else="">
             <button
                 class="btn fa fa-save o_vault_save"
                 title="Save in a vault"
                 aria-label="Save in a vault"
             />
 
-            <span class="link"><span class="fa fa-download" /> <t
-                    t-esc="filename"
-                /></span>
+            <span class="link">
+                <span class="fa fa-download" />
+                <t t-esc="filename" />
+            </span>
         </div>
     </t>
 </templates>
diff --git a/vault/tests/__init__.py b/vault/tests/__init__.py
index 9ceb22d222..59ea2f2ef1 100644
--- a/vault/tests/__init__.py
+++ b/vault/tests/__init__.py
@@ -1,4 +1,11 @@
 # © 2021 Florian Kantelberg - initOS GmbH
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-from . import test_log, test_rights, test_user, test_vault, test_widgets
+from . import (
+    test_controller,
+    test_log,
+    test_rights,
+    test_user,
+    test_vault,
+    test_widgets,
+)
diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
new file mode 100644
index 0000000000..ea4c5e5eb5
--- /dev/null
+++ b/vault/tests/test_controller.py
@@ -0,0 +1,171 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+from unittest.mock import MagicMock, patch
+
+from odoo.tests import TransactionCase
+from odoo.tools import mute_logger
+
+from ..controllers import main
+
+_logger = logging.getLogger(__name__)
+
+
+@patch("odoo.addons.vault.controllers.main.request")
+class TestController(TransactionCase):
+    def setUp(self):
+        super().setUp()
+
+        self.controller = main.Controller()
+
+        self.user = self.env["res.users"].create(
+            {"login": "test", "email": "test@test", "name": "test"}
+        )
+        self.user.inbox_token = "42"
+        self.user.keys.current = False
+        self.key = self.env["res.users.key"].create(
+            {
+                "user_id": self.user.id,
+                "public": "a public key",
+                "salt": "42",
+                "iv": "2424",
+                "iterations": 4000,
+                "private": "24",
+                "current": True,
+            }
+        )
+        self.inbox = self.env["vault.inbox"].create(
+            {
+                "user_id": self.user.id,
+                "name": "Inbox",
+                "key": "4",
+                "iv": "1",
+                "secret": "old secret",
+                "secret_file": "old file",
+                "accesses": 100,
+            }
+        )
+
+        patcher = patch("odoo.http.request")
+        self.addCleanup(patcher.stop)
+        patcher.start()
+
+    @mute_logger("odoo.addons.vault.controllers.main")
+    @mute_logger("odoo.sql_db")
+    def test_vault_inbox(self, request_mock):
+        def return_context(template, context):
+            self.assertEqual(template, "vault.inbox")
+            return context
+
+        request_mock.env = self.env
+        request_mock.render.side_effect = return_context
+        response = self.controller.vault_inbox("")
+        self.assertIn("error", response)
+
+        response = self.controller.vault_inbox(self.user.inbox_token)
+        self.assertNotIn("error", response)
+        self.assertEqual(response["public"], self.user.active_key.public)
+
+        # Try to eliminate each error step by step
+        request_mock.httprequest.method = "POST"
+        request_mock.params = {}
+        response = self.controller.vault_inbox(self.user.inbox_token)
+        self.assertIn("error", response)
+
+        request_mock.params["name"] = "test"
+        response = self.controller.vault_inbox(self.user.inbox_token)
+        self.assertIn("error", response)
+
+        request_mock.params.update({"encrypted": "secret", "encrypted_file": "file"})
+        response = self.controller.vault_inbox(self.user.inbox_token)
+        self.assertIn("error", response)
+
+        request_mock.params["filename"] = "filename"
+        response = self.controller.vault_inbox(self.user.inbox_token)
+        self.assertIn("error", response)
+
+        self.assertEqual(self.inbox.secret, "old secret")
+        self.assertEqual(self.inbox.secret_file, b"old file")
+
+        # Store something successfully
+        request_mock.params.update({"iv": "iv", "key": "key"})
+        response = self.controller.vault_inbox(self.inbox.token)
+        self.assertNotIn("error", response)
+        self.assertEqual(self.inbox.secret, "secret")
+        self.assertEqual(self.inbox.secret_file, b"file")
+
+        # Test a duplicate inbox
+        self.inbox.copy().token = self.inbox.token
+        response = self.controller.vault_inbox(self.inbox.token)
+        self.assertIn("error", response)
+
+        def raise_error(*args, **kwargs):
+            raise TypeError()
+
+        # Catch internal errors
+        try:
+            request_mock.httprequest.remote_addr = "127.0.0.1"
+            self.env["vault.inbox"]._patch_method("store_in_inbox", raise_error)
+            response = self.controller.vault_inbox(self.user.inbox_token)
+        finally:
+            self.env["vault.inbox"]._revert_method("store_in_inbox")
+
+        self.assertIn("error", response)
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_public(self, request_mock):
+        request_mock.env = self.env
+        no_key = self.env["res.users"].create(
+            {"login": "keyless", "email": "test@test", "name": "test"}
+        )
+
+        response = self.controller.vault_public(user_id=no_key.id)
+        self.assertEqual(response, {})
+
+        response = self.controller.vault_public(user_id=self.user.id)
+        self.assertEqual(response["public_key"], self.key.public)
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_store(self, request_mock):
+        request_mock.env = self.env
+        mock = MagicMock()
+        try:
+            self.env["res.users.key"]._patch_method("store", mock)
+            self.controller.vault_store_keys()
+            mock.assert_called_once()
+        finally:
+            self.env["res.users.key"]._revert_method("store")
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_keys_get(self, request_mock):
+        request_mock.env = self.env
+        mock = MagicMock()
+        try:
+            self.env["res.users"]._patch_method("get_vault_keys", mock)
+            self.controller.vault_get_keys()
+            mock.assert_called_once()
+        finally:
+            self.env["res.users"]._revert_method("get_vault_keys")
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_right_keys(self, request_mock):
+        request_mock.env = self.env
+        self.assertFalse(self.controller.vault_get_right_keys())
+
+        # New vault with user as owner and only right
+        vault = self.env["vault"].create({"name": "Vault"})
+
+        response = self.controller.vault_get_right_keys()
+        self.assertEqual(response, {vault.uuid: vault.right_ids.key})
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_store_right_key(self, request_mock):
+        request_mock.env = self.env
+
+        vault = self.env["vault"].create({"name": "Vault"})
+
+        self.controller.vault_store_right_keys(None)
+
+        self.controller.vault_store_right_keys({vault.uuid: "new key"})
+        self.assertEqual(vault.right_ids.key, "new key")
diff --git a/vault/tests/test_inbox.py b/vault/tests/test_inbox.py
index 017b4ca02d..e02402ba8e 100644
--- a/vault/tests/test_inbox.py
+++ b/vault/tests/test_inbox.py
@@ -16,7 +16,7 @@ def test_user_inbox(self):
             {"login": "test", "email": "test@test", "name": "test"}
         )
 
-        user.action_new_share_token()
+        user.action_new_inbox_token()
 
         model = self.env["res.users"]
         token = user.inbox_token
@@ -27,7 +27,7 @@ def test_user_inbox(self):
         user.inbox_enabled = False
         self.assertEqual(model, model.find_user_of_inbox(token))
 
-        user.action_new_share_token()
+        user.action_new_inbox_token()
         self.assertNotEqual(user.inbox_token, token)
 
     def test_inbox(self):
diff --git a/vault/tests/test_rights.py b/vault/tests/test_rights.py
index 08d5de5acb..12f83423df 100644
--- a/vault/tests/test_rights.py
+++ b/vault/tests/test_rights.py
@@ -50,6 +50,19 @@ def test_owner_access(self):
             right.perm_delete = False
             obj.unlink()
 
+    def test_no_create(self):
+        self.env["vault.right"].create(
+            {
+                "vault_id": self.vault.id,
+                "user_id": self.user.id,
+                "perm_create": False,
+            }
+        )
+
+        for obj in [self.field, self.entry, self.vault]:
+            with self.assertRaises(AccessError):
+                obj.with_user(self.user).check_access_rule("create")
+
     def test_no_right(self):
         # No right defined for test user means access denied
         for obj in [self.field, self.entry, self.vault]:
@@ -68,6 +81,7 @@ def test_no_permission(self):
             {
                 "vault_id": self.vault.id,
                 "user_id": self.user.id,
+                "perm_create": False,
                 "perm_write": False,
                 "perm_delete": False,
             }
diff --git a/vault/tests/test_user.py b/vault/tests/test_user.py
index 051bb1b71b..bbddb1a0ec 100644
--- a/vault/tests/test_user.py
+++ b/vault/tests/test_user.py
@@ -14,7 +14,7 @@ def test_user_inbox(self):
             {"login": "test", "email": "test@test", "name": "test"}
         )
 
-        user.action_new_share_token()
+        user.action_new_inbox_token()
 
         model = self.env["res.users"]
         token = user.inbox_token
@@ -25,5 +25,10 @@ def test_user_inbox(self):
         user.inbox_enabled = False
         self.assertEqual(model, model.find_user_of_inbox(token))
 
-        user.action_new_share_token()
+        user.action_new_inbox_token()
         self.assertNotEqual(user.inbox_token, token)
+
+    def test_user_key_management(self):
+        action = self.env.ref("vault.action_res_users_keys")
+
+        self.assertEqual(action.id, self.env["res.users"].action_get_vault()["id"])
diff --git a/vault/tests/test_vault.py b/vault/tests/test_vault.py
index 5a46c3f2b3..58f5326e87 100644
--- a/vault/tests/test_vault.py
+++ b/vault/tests/test_vault.py
@@ -2,6 +2,7 @@
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import logging
+from datetime import datetime
 
 from odoo.exceptions import ValidationError
 from odoo.tests import TransactionCase
@@ -129,3 +130,28 @@ def test_vault_keys(self):
         keys = self.env.user.get_vault_keys()
         for key in ["private", "public", "iv", "salt", "iterations"]:
             self.assertEqual(keys[key], data[key])
+
+    def test_vault_entry_recursion(self):
+        child = self.env["vault.entry"].create(
+            {"vault_id": self.vault.id, "name": "Entry", "parent_id": self.entry.id}
+        )
+
+        with self.assertRaises(ValidationError):
+            self.entry.parent_id = child.id
+
+    def test_search_expired(self):
+        entry = self.env["vault.entry"]
+        self.assertEqual(entry._search_expired("in", []), [])
+
+        domain = entry._search_expired("=", True)
+        self.assertEqual(domain[0][:2], ("expire_date", "<"))
+        self.assertIsInstance(domain[0][2], datetime)
+
+        domain = entry._search_expired("!=", False)
+        self.assertEqual(domain[0][:2], ("expire_date", "<"))
+        self.assertIsInstance(domain[0][2], datetime)
+
+        domain = entry._search_expired("=", False)
+        self.assertTrue(domain[0] == "|")
+        self.assertIn(("expire_date", "=", False), domain)
+        self.assertTrue(any(("expire_date", ">=") == d[:2] for d in domain))
diff --git a/vault/views/assets.xml b/vault/views/assets.xml
index c44b96a0e2..cff9055e31 100644
--- a/vault/views/assets.xml
+++ b/vault/views/assets.xml
@@ -31,6 +31,7 @@
     </template>
 
     <template id="inbox_frontend">
+        <t t-call-assets="web.assets_common" />
         <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
         <script type="text/javascript" src="/vault/static/src/js/vault_inbox.js" />
     </template>
diff --git a/vault/views/menuitems.xml b/vault/views/menuitems.xml
index 3673b5a769..20f4f7d9f5 100644
--- a/vault/views/menuitems.xml
+++ b/vault/views/menuitems.xml
@@ -7,11 +7,16 @@
     </record>
 
     <record id="action_vault_entry" model="ir.actions.act_window">
-        <field name="name">Entries</field>
+        <field name="name">All Entries</field>
         <field name="res_model">vault.entry</field>
         <field name="view_mode">tree,form</field>
-        <field name="view_id" ref="view_vault_entry_full_tree" />
-        <field name="search_view_id" ref="view_vault_entry_search" />
+        <field name="context">{'search_default_vault': 1}</field>
+        <field
+            name="view_ids"
+            eval="[(5,0,0),
+            (0,0,{'view_mode':'tree', 'view_id': ref('view_vault_entry_full_tree')}),
+            (0,0,{'view_mode':'form', 'view_id': ref('view_vault_entry_overview_form')})]"
+        />
     </record>
 
     <record id="action_vault_inbox" model="ir.actions.act_window">
@@ -39,6 +44,7 @@
         groups="base.group_user"
         parent="menu_vault"
         action="action_vault_entry"
+        sequence="30"
     />
     <menuitem
         id="menu_vault_inbox"
diff --git a/vault/views/res_config_settings_views.xml b/vault/views/res_config_settings_views.xml
new file mode 100644
index 0000000000..e71d94452c
--- /dev/null
+++ b/vault/views/res_config_settings_views.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="res_config_settings_view_form" model="ir.ui.view">
+        <field name="name">res.config.settings.view.form</field>
+        <field name="model">res.config.settings</field>
+        <field name="inherit_id" ref="base_setup.res_config_settings_view_form" />
+        <field name="arch" type="xml">
+            <div id="user_default_rights" position="after">
+                <h2>Vault</h2>
+                <div class="row mt16 o_settings_container" id="vault">
+                    <div class="col-xs-12 col-md-6 o_setting_box" id="vault_share">
+                        <div class="o_setting_left_pane">
+                            <field name="module_vault_share" />
+                        </div>
+                        <div class="o_setting_right_pane">
+                            <label for="module_vault_share" string="Vault Share" />
+                            <div class="text-muted">
+                                Allow the usage to share secrets with external users
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </field>
+    </record>
+</odoo>
diff --git a/vault/views/res_users_views.xml b/vault/views/res_users_views.xml
index 03fecc488d..757dd31708 100644
--- a/vault/views/res_users_views.xml
+++ b/vault/views/res_users_views.xml
@@ -42,7 +42,7 @@
                         class="btn-primary"
                     />
                     <button
-                        name="action_new_share_token"
+                        name="action_new_inbox_token"
                         type="object"
                         string="New inbox link"
                         class="btn-primary"
diff --git a/vault/views/templates.xml b/vault/views/templates.xml
index 6b6bfc25eb..3d22989ec6 100644
--- a/vault/views/templates.xml
+++ b/vault/views/templates.xml
@@ -81,8 +81,10 @@
                     t-attf-class="clearfix text-center mb-1 {{'pt-2' if form_small else 'pt-3'}}"
                 >
                     <button
+                        id="submit"
                         type="submit"
                         class="btn btn-primary btn-block"
+                        disabled="disabled"
                     >Submit secret</button>
                 </div>
             </form>
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index 0ab5208ba7..d51c20d233 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -40,25 +40,24 @@
                     />
                 </header>
                 <sheet>
-                    <field name="vault_id" invisible="1" />
                     <field name="perm_user" invisible="1" />
+                    <field name="allowed_create" invisible="1" />
                     <field name="allowed_share" invisible="1" />
                     <field name="allowed_write" invisible="1" />
                     <field name="allowed_delete" invisible="1" />
 
                     <group>
                         <group>
-                            <field name="complete_name" />
+                            <field name="vault_id" invisible="1" />
+                            <field
+                                name="parent_id"
+                                options="{'no_open': true, 'no_create_edit': true, 'no_quick_create': true}"
+                            />
                             <field name="name" />
                             <field name="url" widget="url" />
                             <field name="tags" widget="many2many_tags" />
                         </group>
                         <group>
-                            <field
-                                name="parent_id"
-                                readonly="1"
-                                attrs="{'invisible':[('parent_id', '=', False)]}"
-                            />
                             <field name="create_date" />
                             <field name="write_date" />
                             <field name="expire_date" />
@@ -71,7 +70,7 @@
                             <field
                                 name="field_ids"
                                 context="{'default_entry_id': active_id}"
-                                options="{'create': [('allowed_write', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': true}"
+                                options="{'create': [('allowed_create', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': true}"
                             >
                                 <tree editable="bottom">
                                     <field name="vault_id" invisible="1" />
@@ -92,7 +91,7 @@
                             <field
                                 name="file_ids"
                                 context="{'default_entry_id': active_id}"
-                                options="{'create': [('allowed_write', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': True}"
+                                options="{'create': [('allowed_create', '=', True)], 'delete': [('allowed_delete', '=', True)], 'no_open': True}"
                             >
                                 <tree editable="bottom">
                                     <field name="vault_id" invisible="1" />
@@ -127,6 +126,18 @@
         </field>
     </record>
 
+    <record id="view_vault_entry_overview_form" model="ir.ui.view">
+        <field name="model">vault.entry</field>
+        <field name="mode">primary</field>
+        <field name="priority">100</field>
+        <field name="inherit_id" ref="view_vault_entry_form" />
+        <field name="arch" type="xml">
+            <field name="vault_id" position="attributes">
+                <attribute name="invisible">0</attribute>
+            </field>
+        </field>
+    </record>
+
     <record id="view_vault_entry_search" model="ir.ui.view">
         <field name="name">vault.entry.search</field>
         <field name="model">vault.entry</field>
@@ -136,13 +147,24 @@
                 <field name="name" operator="ilike" />
                 <field name="tags" operator="ilike" />
                 <field name="note" operator="ilike" />
+                <filter
+                    string="Expired"
+                    name="expired"
+                    domain="[('expired', '=', True)]"
+                />
+                <filter
+                    string="Not Expired"
+                    name="not_expired"
+                    domain="[('expired', '!=', True)]"
+                />
+                <filter
+                    string="Vault"
+                    name="vault"
+                    domain="[]"
+                    context="{'group_by': 'vault_id'}"
+                />
                 <searchpanel>
-                    <field
-                        name="parent_id"
-                        select="category"
-                        string="Entries"
-                        enable_counters="1"
-                    />
+                    <field name="parent_id" string="Entries" enable_counters="1" />
                 </searchpanel>
             </search>
         </field>
diff --git a/vault/views/vault_inbox_views.xml b/vault/views/vault_inbox_views.xml
index 100b57d872..0dd4e293c9 100644
--- a/vault/views/vault_inbox_views.xml
+++ b/vault/views/vault_inbox_views.xml
@@ -3,8 +3,9 @@
     <record id="view_vault_inbox_tree" model="ir.ui.view">
         <field name="model">vault.inbox</field>
         <field name="arch" type="xml">
-            <tree>
+            <tree create="false">
                 <field name="name" />
+                <field name="inbox_link" widget="url" />
             </tree>
         </field>
     </record>
@@ -35,6 +36,14 @@
                             attrs="{'invisible': [('secret', '=', False)]}"
                         />
                     </group>
+
+                    <label for="log_ids" />
+                    <field name="log_ids" options="{'no_open': True}">
+                        <tree>
+                            <field name="name" />
+                            <field name="create_date" />
+                        </tree>
+                    </field>
                 </sheet>
             </form>
         </field>
diff --git a/vault/views/vault_right_views.xml b/vault/views/vault_right_views.xml
index bcbef35448..940a2c6d12 100644
--- a/vault/views/vault_right_views.xml
+++ b/vault/views/vault_right_views.xml
@@ -3,12 +3,13 @@
     <record id="view_right_tree" model="ir.ui.view">
         <field name="model">vault.right</field>
         <field name="arch" type="xml">
-            <tree editable="bottom">
+            <tree editable="bottom" decoration-danger="not key">
                 <field name="vault_id" invisible="1" />
                 <field name="master_key" invisible="1" />
                 <field name="key" invisible="1" />
                 <field name="public_key" invisible="1" />
                 <field name="user_id" />
+                <field name="perm_create" />
                 <field name="perm_write" />
                 <field name="perm_share" />
                 <field name="perm_delete" />
@@ -23,6 +24,7 @@
                 <sheet>
                     <group>
                         <field name="user_id" />
+                        <field name="perm_create" />
                         <field name="perm_write" />
                         <field name="perm_share" />
                         <field name="perm_delete" />
@@ -35,9 +37,10 @@
     <record id="view_vault_right_overview_tree" model="ir.ui.view">
         <field name="model">vault.right</field>
         <field name="arch" type="xml">
-            <tree editable="bottom">
+            <tree create="false">
                 <field name="vault_id" />
                 <field name="user_id" />
+                <field name="perm_create" />
                 <field name="perm_write" />
                 <field name="perm_share" />
                 <field name="perm_delete" />
diff --git a/vault/views/vault_views.xml b/vault/views/vault_views.xml
index fbddb7d87e..fc1d1ec93a 100644
--- a/vault/views/vault_views.xml
+++ b/vault/views/vault_views.xml
@@ -64,6 +64,7 @@
                     <group>
                         <field name="allowed_share" invisible="1" />
                         <field name="allowed_write" invisible="1" />
+                        <field name="allowed_create" invisible="1" />
                         <field name="allowed_delete" invisible="1" />
                         <field name="master_key" invisible="1" required="1" />
                         <field name="name" />
diff --git a/vault/wizards/vault_send_wizard.py b/vault/wizards/vault_send_wizard.py
index 21f20c3fd6..d4bac22cd9 100644
--- a/vault/wizards/vault_send_wizard.py
+++ b/vault/wizards/vault_send_wizard.py
@@ -16,10 +16,7 @@ class VaultSendWizard(models.TransientModel):
         "res.users",
         "User",
         required=True,
-        domain=[
-            ("keys.public", "!=", False),
-            ("inbox_enabled", "=", True),
-        ],
+        domain=[("keys", "!=", False), ("inbox_enabled", "=", True)],
     )
     name = fields.Char(required=True)
     public = fields.Char(related="user_id.active_key.public")
@@ -40,12 +37,16 @@ class VaultSendWizard(models.TransientModel):
 
     def action_send(self):
         self.ensure_one()
-        self.env["vault.inbox"].sudo().store_in_inbox(
-            self.name,
-            self.secret,
-            self.secret_file,
-            self.iv,
-            self.key_user,
-            self.user_id,
-            self.filename,
+        self.env["vault.inbox"].sudo().create(
+            {
+                "name": self.name,
+                "accesses": 0,
+                "secret": self.secret,
+                "secret_file": self.secret_file,
+                "iv": self.iv,
+                "key": self.key_user,
+                "user_id": self.user_id.id,
+                "filename": self.filename,
+                "log_ids": [(0, 0, {"name": _("Created by %s") % self.user_id.name})],
+            }
         )
diff --git a/vault/wizards/vault_send_wizard.xml b/vault/wizards/vault_send_wizard.xml
index 97a3db4c00..7370238070 100644
--- a/vault/wizards/vault_send_wizard.xml
+++ b/vault/wizards/vault_send_wizard.xml
@@ -15,7 +15,10 @@
                         <field name="key_user" invisible="1" />
                         <field name="secret" invisible="1" />
                         <field name="public" invisible="1" />
-                        <field name="user_id" />
+                        <field
+                            name="user_id"
+                            options="{'no_open': true, 'no_create_edit': true, 'no_quick_create': true}"
+                        />
                         <field name="name" />
                     </group>
                 </sheet>
diff --git a/vault/wizards/vault_store_wizard.xml b/vault/wizards/vault_store_wizard.xml
index 47d3f24ec0..c3226c8f28 100644
--- a/vault/wizards/vault_store_wizard.xml
+++ b/vault/wizards/vault_store_wizard.xml
@@ -13,12 +13,12 @@
                         <field name="secret_temporary" invisible="1" />
                         <field
                             name="vault_id"
-                            options="{'no_create_edit': True, 'no_open': True}"
+                            options="{'no_create_edit': True, 'no_open': True, 'no_quick_create': true}"
                         />
                         <field
                             name="entry_id"
                             attrs="{'invisible': [('vault_id', '=', False)]}"
-                            options="{'no_create_edit': True, 'no_open': True}"
+                            options="{'no_create_edit': True, 'no_open': True, 'no_quick_create': true}"
                         />
                         <field name="name" />
                     </group>
diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
index cdbf549b35..80235e1c1f 100644
--- a/vault_share/__manifest__.py
+++ b/vault_share/__manifest__.py
@@ -5,9 +5,9 @@
     "name": "Vault - Share",
     "summary": "Implementation of a mechanism to share secrets",
     "license": "AGPL-3",
-    "version": "14.0.1.0.0",
+    "version": "14.0.1.1.0",
     "website": "https://github.com/OCA/server-auth",
-    "application": True,
+    "application": False,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
     "category": "Vault",
     "depends": ["vault"],
@@ -17,6 +17,7 @@
         "security/ir_rule.xml",
         "views/assets.xml",
         "views/menuitems.xml",
+        "views/res_config_settings_views.xml",
         "views/templates.xml",
         "views/vault_share_views.xml",
     ],
diff --git a/vault_share/controllers/main.py b/vault_share/controllers/main.py
index 4d908f0669..e51f703cbf 100644
--- a/vault_share/controllers/main.py
+++ b/vault_share/controllers/main.py
@@ -13,7 +13,8 @@ class Controller(http.Controller):
     @http.route("/vault/share/<string:token>", type="http", auth="public")
     def vault_share(self, token):
         ctx = {"disable_footer": True, "token": token}
-        secret = request.env["vault.share"].sudo().get(token)
+        share = request.env["vault.share"].sudo()
+        secret = share.get(token, ip=request.httprequest.remote_addr)
         if secret is None:
             ctx["error"] = _("The secret expired")
             return request.render("vault_share.share", ctx)
diff --git a/vault_share/models/__init__.py b/vault_share/models/__init__.py
index 51a08ee32d..e6b947e32a 100644
--- a/vault_share/models/__init__.py
+++ b/vault_share/models/__init__.py
@@ -1,4 +1,4 @@
 # © 2021 Florian Kantelberg - initOS GmbH
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-from . import vault_share
+from . import res_company, res_config_settings, vault_share, vault_share_log
diff --git a/vault_share/models/res_company.py b/vault_share/models/res_company.py
new file mode 100644
index 0000000000..8eac8cd823
--- /dev/null
+++ b/vault_share/models/res_company.py
@@ -0,0 +1,10 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import fields, models
+
+
+class RecCompany(models.Model):
+    _inherit = "res.company"
+
+    vault_share_delay = fields.Integer(default=0)
diff --git a/vault_share/models/res_config_settings.py b/vault_share/models/res_config_settings.py
new file mode 100644
index 0000000000..15b04def40
--- /dev/null
+++ b/vault_share/models/res_config_settings.py
@@ -0,0 +1,24 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import api, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class ResConfigSettings(models.TransientModel):
+    _inherit = "res.config.settings"
+
+    vault_share_delay = fields.Integer(
+        string="Delayed Deletion",
+        related="company_id.vault_share_delay",
+        readonly=False,
+        help="Delays the deletion of a share. After the expiration date it continues "
+        "to stay inaccessible",
+    )
+
+    @api.onchange("vault_share_delay")
+    def _on_change_mins(self):
+        self.vault_share_delay = max(0, self.vault_share_delay)
diff --git a/vault_share/models/vault_share.py b/vault_share/models/vault_share.py
index 24da5c41a9..9eb337bab2 100644
--- a/vault_share/models/vault_share.py
+++ b/vault_share/models/vault_share.py
@@ -38,6 +38,7 @@ class VaultShare(models.Model):
         default=lambda self: datetime.now() + timedelta(days=7),
         help="Specifies how long a share can be accessed until deletion.",
     )
+    log_ids = fields.One2many("vault.share.log", "share_id", "Log", readonly=True)
 
     _sql_constraints = [
         (
@@ -54,19 +55,28 @@ def _compute_url(self):
             rec.share_link = f"{base_url}/vault/share/{rec.token}"
 
     @api.model
-    def get(self, token):
+    def get(self, token, ip=None):
         rec = self.search([("token", "=", token)], limit=1)
         if not rec:
             return rec
 
         if datetime.now() < rec.expiration and rec.accesses > 0:
             rec.accesses -= 1
+            log = _("The share was accessed by %s via %s")
+            rec.log_ids = [(0, 0, {"name": log % (self.env.user.name, ip)})]
             return rec
 
-        rec.unlink()
         return None
 
+    @api.model
+    def create(self, vals):
+        rec = super().create(vals)
+        log = _("The share was created by %s")
+        rec.log_ids = [(0, 0, {"name": log % self.env.user.name})]
+        return rec
+
     @api.model
     def clean(self):
         now = datetime.now()
-        self.search([("expiration", "<=", now), ("accesses", "<=", 0)]).unlink()
+        offset = timedelta(days=self.env.company.vault_share_delay)
+        self.search([("expiration", "<=", now + offset)]).unlink()
diff --git a/vault_share/models/vault_share_log.py b/vault_share/models/vault_share_log.py
new file mode 100644
index 0000000000..c8c2ef047e
--- /dev/null
+++ b/vault_share/models/vault_share_log.py
@@ -0,0 +1,22 @@
+# © 2021 Florian Kantelberg - initOS GmbH
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, fields, models
+
+_logger = logging.getLogger(__name__)
+
+
+class VaultShareLog(models.Model):
+    _name = "vault.share.log"
+    _description = _("Vault share log")
+    _order = "create_date DESC"
+
+    share_id = fields.Many2one(
+        "vault.share",
+        ondelete="cascade",
+        readonly=True,
+        required=True,
+    )
+    name = fields.Char(readonly=True)
diff --git a/vault_share/security/ir.model.access.csv b/vault_share/security/ir.model.access.csv
index 46bc795e07..54569a817c 100644
--- a/vault_share/security/ir.model.access.csv
+++ b/vault_share/security/ir.model.access.csv
@@ -1,2 +1,3 @@
 id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
 access_vault_share,access_vault_share,model_vault_share,base.group_user,1,1,1,1
+access_vault_share_log,access_vault_share_log,model_vault_share_log,base.group_user,1,1,1,1
diff --git a/vault_share/security/ir_rule.xml b/vault_share/security/ir_rule.xml
index 936aba6b94..e9a1dc2576 100644
--- a/vault_share/security/ir_rule.xml
+++ b/vault_share/security/ir_rule.xml
@@ -9,4 +9,14 @@
         <field name="perm_unlink" eval="1" />
         <field name="perm_read" eval="1" />
     </record>
+
+    <record id="vault_share_log_owner" model="ir.rule">
+        <field name="name">vault.share.log.access.owner</field>
+        <field name="model_id" ref="vault_share.model_vault_share_log" />
+        <field name="domain_force">[('share_id.user_id', '=', user.id)]</field>
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="perm_read" eval="1" />
+    </record>
 </odoo>
diff --git a/vault_share/static/src/js/vault_share.js b/vault_share/static/src/js/vault_share.js
index 2af6783193..81b8482c9f 100644
--- a/vault_share/static/src/js/vault_share.js
+++ b/vault_share/static/src/js/vault_share.js
@@ -19,6 +19,8 @@ odoo.define("vault.share", function (require) {
     }
 
     document.getElementById("pin").onchange = async function () {
+        if (!utils.supported()) return;
+
         find_elements();
 
         // Derive the key from the pin
@@ -30,7 +32,7 @@ odoo.define("vault.share", function (require) {
 
         const secret = document.getElementById("secret");
         const secret_file = document.getElementById("secret_file");
-        if (!secret || !secret_file) return;
+        if (!secret && !secret_file) return;
 
         // There is no secret to decrypt
         if (!this.value) {
diff --git a/vault_share/static/src/js/vault_share_widget.js b/vault_share/static/src/js/vault_share_widget.js
index 6b5c287c24..a897667b52 100644
--- a/vault_share/static/src/js/vault_share_widget.js
+++ b/vault_share/static/src/js/vault_share_widget.js
@@ -75,6 +75,7 @@ odoo.define("vault.share.widget", function (require) {
          * @param {String} value
          */
         _renderValue: function (value) {
+            const self = this;
             this.$el.html(
                 QWeb.render(this.template, {
                     widget: self,
@@ -86,7 +87,7 @@ odoo.define("vault.share.widget", function (require) {
     });
 
     // Widget used to create shared outgoing secrets encrypted with a pin
-    var VaultShareField = vault_fields.VaultField.extend(vault_fields.VaultAbstract, {
+    var VaultShareField = vault_fields.VaultField.extend({
         events: _.extend({}, vault_fields.VaultField.prototype.events, {
             "click .o_vault_save": "_onSaveValue",
         }),
@@ -172,6 +173,10 @@ odoo.define("vault.share.widget", function (require) {
          * @param {String} crypted
          */
         _decrypt: async function (crypted) {
+            if (crypted === false) return false;
+
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const pin = await this._getPin();
             const salt = utils.fromBase64(this._getSalt());
@@ -187,6 +192,8 @@ odoo.define("vault.share.widget", function (require) {
          * @param {String} data
          */
         _encrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const pin = await this._getPin();
             const salt = utils.fromBase64(this._getSalt());
@@ -202,6 +209,7 @@ odoo.define("vault.share.widget", function (require) {
          * @private
          */
         _renderReadonly: function () {
+            const self = this;
             this.$el.html(
                 QWeb.render(this.template, {
                     widget: self,
@@ -221,7 +229,7 @@ odoo.define("vault.share.widget", function (require) {
     });
 
     // Widget used to view shared incoming secrets encrypted with public keys
-    var VaultShareFile = vault_fields.VaultFile.extend(vault_fields.VaultAbstract, {
+    var VaultShareFile = vault_fields.VaultFile.extend({
         store_model: "vault.file",
         template: "FileVaultShare",
         events: _.extend({}, vault_fields.VaultFile.prototype.events, {
@@ -325,6 +333,8 @@ odoo.define("vault.share.widget", function (require) {
          * @param {String} crypted
          */
         _decrypt: async function (crypted) {
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const pin = await this._getPin();
             const salt = utils.fromBase64(this._getSalt());
@@ -340,6 +350,8 @@ odoo.define("vault.share.widget", function (require) {
          * @param {String} data
          */
         _encrypt: async function (data) {
+            if (!utils.supported()) return null;
+
             const iv = this._getIV();
             const pin = await this._getPin();
             const salt = utils.fromBase64(this._getSalt());
diff --git a/vault_share/static/src/xml/templates.xml b/vault_share/static/src/xml/templates.xml
index 0f6f2334a6..f8a2c9b9c9 100644
--- a/vault_share/static/src/xml/templates.xml
+++ b/vault_share/static/src/xml/templates.xml
@@ -1,7 +1,10 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <templates id="template" xml:space="preserve">
     <t t-name="FieldVaultShare">
-        <input class="o_vault_share" t-if="widget.mode == 'edit'" t-esc="value" />
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <input class="o_vault_share" t-elif="widget.mode == 'edit'" t-esc="value" />
         <div class="o_vault" t-else="">
             <t t-call="vault.buttons" />
             <button
@@ -15,7 +18,10 @@
     </t>
 
     <t t-name="FileVaultShare">
-        <t t-if="widget.mode == 'edit'" t-call="FieldBinaryFile" />
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <t t-elif="widget.mode == 'edit'" t-call="FieldBinaryFile" />
         <div class="o_vault" t-else="">
             <button
                 class="btn fa fa-save o_vault_save"
@@ -30,7 +36,10 @@
     </t>
 
     <t t-name="FieldPinVault">
-        <div class="o_vault">
+        <div class="o_vault o_vault_error" t-if="!widget.supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-else="">
             <t t-call="vault.buttons" />
             <span class="o_vault_value" t-esc="value" />
         </div>
diff --git a/vault_share/tests/test_share.py b/vault_share/tests/test_share.py
index cac8a41c2c..dab6176fbf 100644
--- a/vault_share/tests/test_share.py
+++ b/vault_share/tests/test_share.py
@@ -3,42 +3,75 @@
 
 import logging
 from datetime import datetime
+from unittest.mock import patch
 from uuid import uuid4
 
 from odoo.tests import TransactionCase
+from odoo.tools import mute_logger
+
+from ..controllers import main
 
 _logger = logging.getLogger(__name__)
 
 
 class TestShare(TransactionCase):
-    def test_share(self):
-        user = self.env.user
-        model = self.env["vault.share"]
-        vals = {
-            "name": f"Share {user.name}",
+    def setUp(self):
+        super().setUp()
+
+        self.user = self.env.user
+        self.vals = {
+            "name": f"Share {self.user.name}",
             "secret": "secret",
             "salt": "sa17",
             "iv": "1v",
             "pin": "12345",
         }
 
-        share = model.create(vals)
-        self.assertEqual(share, model.get(share.token))
-        self.assertIn(share.token, share.share_link)
+        self.share = self.env["vault.share"].create(self.vals)
+
+        patcher = patch("odoo.http.request")
+        self.addCleanup(patcher.stop)
+        patcher.start()
+
+    @mute_logger("odoo.sql_db")
+    def test_share(self):
+        self.assertEqual(self.share, self.share.get(self.share.token))
+        self.assertIn(self.share.token, self.share.share_link)
 
         # Nothing should happen
-        model.clean()
-        self.assertEqual(share, model.get(share.token))
+        self.share.clean()
+        self.assertEqual(self.share, self.share.get(self.share.token))
 
         # Deletion because of accesses
-        share = model.create(vals)
+        share = self.share.create(self.vals)
         share.accesses = 0
-        self.assertEqual(None, model.get(share.token))
+        self.assertEqual(None, share.get(share.token))
 
         # Deletion because of expiration
-        share = model.create(vals)
+        share = self.share.create(self.vals)
         share.expiration = datetime(1970, 1, 1)
-        self.assertEqual(None, model.get(share.token))
+        self.assertEqual(None, share.get(share.token))
 
         # Search for invalid token
-        self.assertEqual(model, model.get(uuid4()))
+        self.assertEqual(share.browse(), share.get(uuid4()))
+
+    @patch("odoo.addons.vault_share.controllers.main.request")
+    @mute_logger("odoo.sql_db")
+    def test_vault_share(self, request_mock):
+        def return_context(template, context):
+            self.assertEqual(template, "vault_share.share")
+            return context
+
+        request_mock.env = self.env
+        request_mock.render.side_effect = return_context
+        controller = main.Controller()
+
+        response = controller.vault_share("")
+        self.assertIn("error", response)
+
+        response = controller.vault_share(self.share.token)
+        self.assertEqual(response["salt"], self.share.salt)
+
+        self.share.accesses = 0
+        response = controller.vault_share(self.share.token)
+        self.assertIn("error", response)
diff --git a/vault_share/views/assets.xml b/vault_share/views/assets.xml
index 905f8fd346..628e38e8c6 100644
--- a/vault_share/views/assets.xml
+++ b/vault_share/views/assets.xml
@@ -23,6 +23,7 @@
     </template>
 
     <template id="share_frontend">
+        <t t-call-assets="web.assets_common" />
         <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
         <script
             type="text/javascript"
diff --git a/vault_share/views/menuitems.xml b/vault_share/views/menuitems.xml
index add9343225..639332a0fc 100644
--- a/vault_share/views/menuitems.xml
+++ b/vault_share/views/menuitems.xml
@@ -11,6 +11,6 @@
         groups="base.group_user"
         parent="vault.menu_vault"
         action="action_vault_share"
-        sequence="60"
+        sequence="45"
     />
 </odoo>
diff --git a/vault_share/views/res_config_settings_views.xml b/vault_share/views/res_config_settings_views.xml
new file mode 100644
index 0000000000..971759c497
--- /dev/null
+++ b/vault_share/views/res_config_settings_views.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="res_config_settings_view_form" model="ir.ui.view">
+        <field name="name">res.config.settings.view.form</field>
+        <field name="model">res.config.settings</field>
+        <field name="inherit_id" ref="vault.res_config_settings_view_form" />
+        <field name="arch" type="xml">
+            <div id="vault_share" position="after">
+                <div class="col-xs-12 col-md-6 o_setting_box" id="vault_share">
+                    <div class="o_setting_right_pane">
+                        <div class="o_form_label">Delay the deletion of shares</div>
+                        <field name="vault_share_delay" /> Days
+                    </div>
+                </div>
+            </div>
+        </field>
+    </record>
+</odoo>
diff --git a/vault_share/views/vault_share_views.xml b/vault_share/views/vault_share_views.xml
index 4b3ef95a93..da61c5ec4c 100644
--- a/vault_share/views/vault_share_views.xml
+++ b/vault_share/views/vault_share_views.xml
@@ -5,6 +5,7 @@
         <field name="arch" type="xml">
             <tree>
                 <field name="name" />
+                <field name="share_link" widget="url" />
             </tree>
         </field>
     </record>
@@ -21,7 +22,7 @@
                         <field name="filename" invisible="1" />
 
                         <field name="name" />
-                        <field name="share_link" widget="url" />
+                        <field name="share_link" widget="url" class="oe_read_only" />
                         <field name="pin" widget="vault_pin" />
                         <field name="expiration" />
                         <field name="accesses" />
@@ -32,6 +33,14 @@
                             widget="vault_share_file"
                         />
                     </group>
+
+                    <label for="log_ids" />
+                    <field name="log_ids" options="{'no_open': True}">
+                        <tree>
+                            <field name="name" />
+                            <field name="create_date" />
+                        </tree>
+                    </field>
                 </sheet>
             </form>
         </field>

From d0ca2655215f15d3ee13458a426b4cd8732041cf Mon Sep 17 00:00:00 2001
From: oca-travis <oca+oca-travis@odoo-community.org>
Date: Fri, 18 Mar 2022 09:50:24 +0000
Subject: [PATCH 08/71] Update vault.pot

---
 vault/i18n/vault.pot | 124 ++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 110 insertions(+), 14 deletions(-)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 6e8292a62d..cce67d80c4 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -13,6 +13,12 @@ msgstr ""
 "Content-Transfer-Encoding: \n"
 "Plural-Forms: \n"
 
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%s entry %s by %s"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
@@ -44,6 +50,22 @@ msgstr ""
 msgid "Active Key"
 msgstr ""
 
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_entry
+#: model:ir.ui.menu,name:vault.menu_vault_entry
+msgid "All Entries"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow the usage to share secrets with external users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_create
+msgid "Allow to create in the vault"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_right__perm_delete
 msgid "Allow to delete a vault"
@@ -59,6 +81,16 @@ msgstr ""
 msgid "Allow to write to the vault"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_create
+msgid "Allowed Create"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__allowed_delete
 #: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_delete
@@ -99,16 +131,6 @@ msgstr ""
 msgid "Allowed Write"
 msgstr ""
 
-#. module: vault
-#: model:ir.model.fields,field_description:vault.field_vault__allowed_create
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_create
-#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_create
-#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_create
-#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_create
-#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_create
-msgid "Allowed Create"
-msgstr ""
-
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
@@ -172,6 +194,11 @@ msgstr ""
 msgid "Complete Name"
 msgstr ""
 
+#. module: vault
+#: model:ir.model,name:vault.model_res_config_settings
+msgid "Config Settings"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
@@ -192,6 +219,11 @@ msgstr ""
 msgid "Copy to clipboard"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_create
+msgid "Create"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault__create_uid
@@ -202,6 +234,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_log__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_right__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_uid
@@ -210,6 +243,18 @@ msgstr ""
 msgid "Created by"
 msgstr ""
 
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Created by %s"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Created by %s via %s"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
 #: model:ir.model.fields,field_description:vault.field_vault__create_date
@@ -220,6 +265,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_log__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_right__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_date
@@ -254,6 +300,7 @@ msgid "Delete"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
@@ -266,6 +313,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_log__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_right__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__display_name
@@ -303,10 +351,8 @@ msgstr ""
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_open_entries
-#: model:ir.actions.act_window,name:vault.action_vault_entry
 #: model:ir.model.fields,field_description:vault.field_vault__entry_ids
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__entry_id
-#: model:ir.ui.menu,name:vault.menu_vault_entry
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Entries"
@@ -341,6 +387,7 @@ msgstr ""
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__expired
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 msgid "Expired"
 msgstr ""
 
@@ -457,6 +504,7 @@ msgid "Hide"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
 #: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
@@ -469,6 +517,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__id
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__id
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__id
 #: model:ir.model.fields,field_description:vault.field_vault_log__id
 #: model:ir.model.fields,field_description:vault.field_vault_right__id
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__id
@@ -479,12 +528,12 @@ msgstr ""
 
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__expiration
-msgid "If expired the inbox will be read-only for the owner."
+msgid "If expired the inbox can't be written using the link"
 msgstr ""
 
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__accesses
-msgid "If this is 0 the inbox will be read-only for the owner."
+msgid "If this is 0 the inbox can't be written using the link"
 msgstr ""
 
 #. module: vault
@@ -517,6 +566,7 @@ msgstr ""
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
 msgstr ""
@@ -621,6 +671,7 @@ msgid "Keys"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
@@ -633,6 +684,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_inbox____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_log____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_right____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard____last_update
@@ -651,6 +703,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_log__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_right__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_uid
@@ -669,6 +722,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_log__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_right__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_date
@@ -687,6 +741,7 @@ msgstr ""
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__log_ids
 #: model:ir.model.fields,field_description:vault.field_vault_entry__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__log_ids
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Log"
@@ -740,6 +795,11 @@ msgstr ""
 msgid "Model"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__module_vault_share
+msgid "Module Vault Share"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__name
 #: model:ir.model.fields,field_description:vault.field_vault_abstract_field__name
@@ -750,6 +810,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__name
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__name
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__name
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__name
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__name
 #: model:ir.model.fields,field_description:vault.field_vault_tag__name
@@ -786,6 +847,11 @@ msgstr ""
 msgid "No value found"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Not Expired"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__note
 #: model:ir.model.fields,field_description:vault.field_vault_entry__note
@@ -1053,12 +1119,16 @@ msgid ""
 msgstr ""
 
 #. module: vault
+#: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
+#, python-format
 msgid "The tag must be unique!"
 msgstr ""
 
 #. module: vault
+#: code:addons/vault/models/vault_right.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
+#, python-format
 msgid "The user must be unique"
 msgstr ""
 
@@ -1144,6 +1214,8 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_right__vault_id
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__vault_id
 #: model:ir.ui.menu,name:vault.menu_vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 #, python-format
 msgid "Vault"
 msgstr ""
@@ -1153,6 +1225,18 @@ msgstr ""
 msgid "Vault Right"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Vault Share"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox_log.py:0
+#: model:ir.model,name:vault.model_vault_inbox_log
+#, python-format
+msgid "Vault inbox log"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model,name:vault.model_vault_right
@@ -1199,6 +1283,18 @@ msgstr ""
 msgid "Write"
 msgstr ""
 
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Written by %s via %s"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "You can not create recursive entries."
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
 msgid ""

From 3924e003c5f0b582d98071da12af6edbe79dff51 Mon Sep 17 00:00:00 2001
From: oca-travis <oca+oca-travis@odoo-community.org>
Date: Fri, 18 Mar 2022 09:50:39 +0000
Subject: [PATCH 09/71] Update vault_share.pot

---
 vault_share/i18n/vault_share.pot | 80 ++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)

diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
index 9ab807534b..8fd3ff71c6 100644
--- a/vault_share/i18n/vault_share.pot
+++ b/vault_share/i18n/vault_share.pot
@@ -25,18 +25,55 @@ msgstr ""
 msgid "Clean outgoing share"
 msgstr ""
 
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_company
+msgid "Companies"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_config_settings
+msgid "Config Settings"
+msgstr ""
+
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
 msgid "Created by"
 msgstr ""
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
 msgid "Created on"
 msgstr ""
 
 #. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Days"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Delay the deletion of shares"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
+msgid "Delayed Deletion"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
+msgid ""
+"Delays the deletion of a share. After the expiration date it continues to "
+"stay inaccessible"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__display_name
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
 msgid "Display Name"
 msgstr ""
 
@@ -56,7 +93,10 @@ msgid "Filename"
 msgstr ""
 
 #. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__id
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
 msgid "ID"
 msgstr ""
 
@@ -72,22 +112,33 @@ msgid "Iv"
 msgstr ""
 
 #. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company____last_update
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
 msgid "Last Modified on"
 msgstr ""
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
 msgid "Last Updated by"
 msgstr ""
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
 msgid "Last Updated on"
 msgstr ""
 
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
+msgid "Log"
+msgstr ""
+
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
 msgid "Name"
 msgstr ""
 
@@ -128,6 +179,11 @@ msgstr ""
 msgid "Secret File"
 msgstr ""
 
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
+msgid "Share"
+msgstr ""
+
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
 msgid "Share URL"
@@ -185,6 +241,18 @@ msgstr ""
 msgid "The secret expired"
 msgstr ""
 
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was accessed by %s via %s"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was created by %s"
+msgstr ""
+
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__token
 msgid "Token"
@@ -200,6 +268,18 @@ msgstr ""
 msgid "Using this link and pin people can access the secret."
 msgstr ""
 
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
+msgid "Vault Share Delay"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share_log.py:0
+#: model:ir.model,name:vault_share.model_vault_share_log
+#, python-format
+msgid "Vault share log"
+msgstr ""
+
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #: model:ir.model,name:vault_share.model_vault_share

From 3c93d7d25719e1b2736e8fa97de6771c92c5a9d3 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Fri, 18 Mar 2022 10:27:06 +0000
Subject: [PATCH 10/71] README.rst

---
 vault/README.rst                    | 6 ++++--
 vault/static/description/index.html | 5 ++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 401452e0e8..17108934ad 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -29,6 +29,8 @@ This module implements a vault for secrets and files using end-to-end-encryption
 
 The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
 
+This modules requires a secure context for the browser to work properly.
+
 **Table of contents**
 
 .. contents::
@@ -39,13 +41,13 @@ Known issues / Roadmap
 
 * Field and file history for restoration
 
+* Send secrets directly to an inbox within Odoo
+
 * Import improvement
 
  * Support challenge-response/FIDO2
  * Support for argon2 and kdbx v4
 
-* Properly handle missing Crypto API because no https
-
 Bug Tracker
 ===========
 
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 98c16a698a..bc62beeb29 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -370,6 +370,7 @@ <h1 class="title">Vault</h1>
 <p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
+<p>This modules requires a secure context for the browser to work properly.</p>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
 <ul class="simple">
@@ -387,6 +388,7 @@ <h1 class="title">Vault</h1>
 <h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
 <ul class="simple">
 <li>Field and file history for restoration</li>
+<li>Send secrets directly to an inbox within Odoo</li>
 <li>Import improvement</li>
 </ul>
 <blockquote>
@@ -395,9 +397,6 @@ <h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
 <li>Support for argon2 and kdbx v4</li>
 </ul>
 </blockquote>
-<ul class="simple">
-<li>Properly handle missing Crypto API because no https</li>
-</ul>
 </div>
 <div class="section" id="bug-tracker">
 <h1><a class="toc-backref" href="#id2">Bug Tracker</a></h1>

From d73d2832aa78897be9b06506a6937eb2625170dc Mon Sep 17 00:00:00 2001
From: oca-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 31 Mar 2022 17:36:04 +0200
Subject: [PATCH 11/71] update dotfiles [ci skip]

---
 vault/controllers/main.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index 2c170bb9b9..176254fe24 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -76,7 +76,7 @@ def vault_inbox(self, token):
 
     @http.route("/vault/public", type="json")
     def vault_public(self, user_id):
-        """ Get the public key of a specific user """
+        """Get the public key of a specific user"""
         user = request.env["res.users"].sudo().browse(user_id).exists()
         if not user or not user.keys:
             return {}
@@ -85,23 +85,23 @@ def vault_public(self, user_id):
 
     @http.route("/vault/keys/store", auth="user", type="json")
     def vault_store_keys(self, **kwargs):
-        """ Store the key pair for the current user """
+        """Store the key pair for the current user"""
         return request.env["res.users.key"].store(**kwargs)
 
     @http.route("/vault/keys/get", auth="user", type="json")
     def vault_get_keys(self):
-        """ Get the currently active key pair """
+        """Get the currently active key pair"""
         return request.env.user.get_vault_keys()
 
     @http.route("/vault/rights/get", auth="user", type="json")
     def vault_get_right_keys(self):
-        """ Get the master keys from the vault.right records """
+        """Get the master keys from the vault.right records"""
         rights = request.env.user.vault_right_ids
         return {right.vault_id.uuid: right.key for right in rights}
 
     @http.route("/vault/rights/store", auth="user", type="json")
     def vault_store_right_keys(self, keys):
-        """ Store the master keys to the specific vault.right records """
+        """Store the master keys to the specific vault.right records"""
         if not isinstance(keys, dict):
             return
 

From d67eab4cb67b6beff35376b01df79432679653a9 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Thu, 14 Apr 2022 09:18:50 +0200
Subject: [PATCH 12/71] Prevent locking out the user from the private key when
 the login was changed

Note about disaster recovery project

Add missing dependency to base_setup for res.config.settings view
---
 vault/__manifest__.py         |  2 +-
 vault/models/res_users.py     |  1 +
 vault/models/res_users_key.py | 15 +++++++++++----
 vault/readme/DESCRIPTION.rst  |  2 ++
 vault/static/src/js/vault.js  | 28 ++++++++++++++++++++++++----
 vault/tests/test_vault.py     | 13 ++++++++-----
 6 files changed, 47 insertions(+), 14 deletions(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 1d823cb790..91204f345e 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -10,7 +10,7 @@
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
     "category": "Vault",
-    "depends": ["web"],
+    "depends": ["base_setup", "web"],
     "data": [
         "security/ir.model.access.csv",
         "security/ir_rule.xml",
diff --git a/vault/models/res_users.py b/vault/models/res_users.py
index 11e52ecb5a..4511910c29 100644
--- a/vault/models/res_users.py
+++ b/vault/models/res_users.py
@@ -61,4 +61,5 @@ def get_vault_keys(self):
             "public": self.active_key.public,
             "salt": self.active_key.salt,
             "uuid": self.active_key.uuid,
+            "version": self.active_key.version,
         }
diff --git a/vault/models/res_users_key.py b/vault/models/res_users_key.py
index 4fdff0f795..6c3ae5bc1b 100644
--- a/vault/models/res_users_key.py
+++ b/vault/models/res_users_key.py
@@ -26,6 +26,7 @@ class ResUsersKey(models.Model):
     salt = fields.Char(required=True, readonly=True)
     iv = fields.Char(required=True, readonly=True)
     iterations = fields.Integer(required=True, readonly=True)
+    version = fields.Integer(readonly=True)
     # Encrypted with master password of user
     private = fields.Char(required=True, readonly=True)
 
@@ -38,7 +39,7 @@ def _compute_fingerprint(self):
             else:
                 rec.fingerprint = False
 
-    def _prepare_values(self, iterations, iv, private, public, salt):
+    def _prepare_values(self, iterations, iv, private, public, salt, version):
         return {
             "iterations": iterations,
             "iv": iv,
@@ -47,27 +48,33 @@ def _prepare_values(self, iterations, iv, private, public, salt):
             "salt": salt,
             "user_id": self.env.uid,
             "current": True,
+            "version": version,
         }
 
-    def store(self, iterations, iv, private, public, salt):
+    def store(self, iterations, iv, private, public, salt, version):
         if not all(isinstance(x, str) and x for x in [public, private, iv, salt]):
             raise ValidationError(_("Invalid parameter"))
 
         if not isinstance(iterations, int) or iterations < 4000:
             raise ValidationError(_("Invalid parameter"))
 
+        if not isinstance(version, int):
+            raise ValidationError(_("Invalid parameter"))
+
         domain = [
             ("user_id", "=", self.env.uid),
             ("private", "=", private),
         ]
-        if not self.search(domain):
+        key = self.search(domain)
+        if not key:
             # Disable all current keys
             self.env.user.keys.write({"current": False})
 
             rec = self.create(
-                self._prepare_values(iterations, iv, private, public, salt)
+                self._prepare_values(iterations, iv, private, public, salt, version)
             )
             return rec.uuid
+
         return False
 
     def extract_public_key(self, user):
diff --git a/vault/readme/DESCRIPTION.rst b/vault/readme/DESCRIPTION.rst
index 3f156370e8..8d77993dc9 100644
--- a/vault/readme/DESCRIPTION.rst
+++ b/vault/readme/DESCRIPTION.rst
@@ -3,3 +3,5 @@ This module implements a vault for secrets and files using end-to-end-encryption
 The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
 
 This modules requires a secure context for the browser to work properly.
+
+The `vault-recovery <https://github.com/fkantelberg/vault-recovery>`_ project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.
diff --git a/vault/static/src/js/vault.js b/vault/static/src/js/vault.js
index 2c4e16da40..9bac482838 100644
--- a/vault/static/src/js/vault.js
+++ b/vault/static/src/js/vault.js
@@ -42,7 +42,7 @@ odoo.define("vault", function (require) {
         if (askpass.keyfile)
             password += await utils.digest(utils.toBinary(askpass.keyfile));
 
-        return session.username + "|" + password;
+        return password;
     }
 
     // Vault implementation
@@ -91,6 +91,15 @@ odoo.define("vault", function (require) {
             await this._export_to_store();
         },
 
+        /**
+         * Check if export to database is required due to key migration
+         *
+         * @private
+         */
+        _check_key_migration: async function (password = null) {
+            if (!this.version) await this._export_to_database(password);
+        },
+
         /**
          * Lazy initialization of the keys which is not fully loading the keys
          * into the javascript but ensures that keys exist in the database to
@@ -282,17 +291,18 @@ odoo.define("vault", function (require) {
          * @private
          * @returns if the export to the database succeeded
          */
-        _export_to_database: async function () {
+        _export_to_database: async function (password = null) {
             // Generate salt for the user key
             this.salt = utils.generate_bytes(utils.SaltLength).buffer;
             this.iterations = 4000;
+            this.version = 1;
 
             // Wrap the private key with the master key of the user
             this.iv = utils.generate_bytes(utils.IVLength);
 
             // Request the password from the user and derive the user key
             const pass = await utils.derive_key(
-                await askpassword(true),
+                password || (await askpassword(true)),
                 this.salt,
                 this.iterations
             );
@@ -315,6 +325,7 @@ odoo.define("vault", function (require) {
                 iv: utils.toBase64(this.iv),
                 iterations: this.iterations,
                 salt: utils.toBase64(this.salt),
+                version: this.version,
             };
 
             // Export to the server
@@ -339,10 +350,17 @@ odoo.define("vault", function (require) {
             if (Object.keys(params).length) {
                 this.salt = utils.fromBase64(params.salt);
                 this.iterations = params.iterations;
+                this.version = params.version || 0;
 
                 // Request the password from the user and derive the user key
+                const raw_password = await askpassword(false);
+                let password = raw_password;
+
+                // Compatibility
+                if (!this.version) password = session.username + "|" + password;
+
                 const pass = await utils.derive_key(
-                    await askpassword(),
+                    password,
                     this.salt,
                     this.iterations
                 );
@@ -358,6 +376,8 @@ odoo.define("vault", function (require) {
 
                 this.time = new Date();
                 this.uuid = params.uuid;
+
+                this._check_key_migration(raw_password);
                 return true;
             }
             return false;
diff --git a/vault/tests/test_vault.py b/vault/tests/test_vault.py
index 58f5326e87..545cb615e4 100644
--- a/vault/tests/test_vault.py
+++ b/vault/tests/test_vault.py
@@ -83,23 +83,26 @@ def test_store_keys(self):
 
         # Raise some errors because of wrong parameters
         with self.assertRaises(ValidationError):
-            model.store(1, "iv", "private", "public", 42)
+            model.store(1, "iv", "private", "public", 42, 42)
 
         with self.assertRaises(ValidationError):
-            model.store(3000, "iv", "private", "public", "salt")
+            model.store(3000, "iv", "private", "public", "salt", 42)
+
+        with self.assertRaises(ValidationError):
+            model.store(4000, "iv", "private", "public", "salt", "abc")
 
         # Actually store a new key
-        uuid = model.store(4000, "iv", "private", "public", "salt")
+        uuid = model.store(4000, "iv", "private", "public", "salt", 42)
         rec = model.search([("uuid", "=", uuid)])
         self.assertEqual(rec.private, "private")
         self.assertTrue(rec.current)
 
         # Don't store the same again
-        uuid = model.store(4000, "iv", "private", "public", "salt")
+        uuid = model.store(4000, "iv", "private", "public", "salt", 42)
         self.assertFalse(uuid)
 
         # Store a new one and disable the old one
-        uuid = model.store(4000, "iv", "more private", "public", "salt")
+        uuid = model.store(4000, "iv", "more private", "public", "salt", 42)
         self.assertFalse(rec.current)
 
         rec = model.search([("uuid", "=", uuid)])

From 28e4ed6cf3b02cd273a2f36b05e64bd237472b6d Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Sun, 12 Jun 2022 17:08:17 +0000
Subject: [PATCH 13/71] Update vault.pot

---
 vault/i18n/vault.pot | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index cce67d80c4..f4553d5aac 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -607,6 +607,7 @@ msgstr ""
 #. module: vault
 #: code:addons/vault/models/res_users_key.py:0
 #: code:addons/vault/models/res_users_key.py:0
+#: code:addons/vault/models/res_users_key.py:0
 #, python-format
 msgid "Invalid parameter"
 msgstr ""
@@ -1258,6 +1259,11 @@ msgstr ""
 msgid "Vault tag"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__version
+msgid "Version"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault_log.py:0
 #, python-format

From aac9791b68afb335bf65f3f9a2c255b339257cd9 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Sun, 12 Jun 2022 17:11:59 +0000
Subject: [PATCH 14/71] README.rst

---
 vault/README.rst                    | 2 ++
 vault/static/description/index.html | 1 +
 2 files changed, 3 insertions(+)

diff --git a/vault/README.rst b/vault/README.rst
index 17108934ad..67d1344e60 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -31,6 +31,8 @@ The server can never access the secrets with the information available. Only peo
 
 This modules requires a secure context for the browser to work properly.
 
+The `vault-recovery <https://github.com/fkantelberg/vault-recovery>`_ project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.
+
 **Table of contents**
 
 .. contents::
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index bc62beeb29..2a1a8ce5f1 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -371,6 +371,7 @@ <h1 class="title">Vault</h1>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
 <p>This modules requires a secure context for the browser to work properly.</p>
+<p>The <a class="reference external" href="https://github.com/fkantelberg/vault-recovery">vault-recovery</a> project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.</p>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
 <ul class="simple">

From f7ab44afb8941bc431c0ea106efe4ef8bc750109 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Sun, 12 Jun 2022 17:11:59 +0000
Subject: [PATCH 15/71] vault 14.0.1.6.1

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 91204f345e..63a2634337 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.6.0",
+    "version": "14.0.1.6.1",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 743f855ab8915ad8dda974ae17f6d5fa9b0d367d Mon Sep 17 00:00:00 2001
From: CarlosRoca13 <carlos.roca@tecnativa.com>
Date: Wed, 31 Aug 2022 12:19:47 +0200
Subject: [PATCH 16/71] vault: complete_name not computed when created from
 other entry

Before the path if we create a new child entry from other entry, the
complte_name of the entry is not changing when we save the new entry.

Doing this changes, we are getting the complete_name correctly.

TT38729
---
 vault/views/vault_entry_views.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index d51c20d233..d72c91f8eb 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -53,6 +53,7 @@
                                 name="parent_id"
                                 options="{'no_open': true, 'no_create_edit': true, 'no_quick_create': true}"
                             />
+                            <field name="complete_name" invisible="1" />
                             <field name="name" />
                             <field name="url" widget="url" />
                             <field name="tags" widget="many2many_tags" />

From 2bbbab5a2a6debf854c6356e377c199e8a3d34b0 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Wed, 31 Aug 2022 13:31:30 +0000
Subject: [PATCH 17/71] vault 14.0.1.6.2

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 63a2634337..4f4d1e76c5 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.6.1",
+    "version": "14.0.1.6.2",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From ca99d45ae8c8eb50731d851d0fc896f8a69b517b Mon Sep 17 00:00:00 2001
From: CarlosRoca13 <carlos.roca@tecnativa.com>
Date: Mon, 6 Jun 2022 11:27:39 +0200
Subject: [PATCH 18/71] vault: Show just name instad of full path in
 searchpanel

vault: Searchpanel improvements:

- Add a domain to only show records with children.
- Set limit to False.

TT38731

vault: Add Vaults to searchpanel view. TT38731
---
 vault/i18n/es.po                  | 1315 +++++++++++++++++++++++++++++
 vault/i18n/vault.pot              |   22 +-
 vault/models/vault_entry.py       |   33 +
 vault/tests/test_vault.py         |    6 +
 vault/views/vault_entry_views.xml |    1 +
 vault_share/i18n/es.po            |  288 +++++++
 vault_share/i18n/vault_share.pot  |   13 +-
 7 files changed, 1654 insertions(+), 24 deletions(-)
 create mode 100644 vault/i18n/es.po
 create mode 100644 vault_share/i18n/es.po

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
new file mode 100644
index 0000000000..97fb12fdf5
--- /dev/null
+++ b/vault/i18n/es.po
@@ -0,0 +1,1315 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 14.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-06-06 06:57+0000\n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.3\n"
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%s entry %s by %s"
+msgstr "%s registrado %s por %s"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "A-Z"
+msgstr "A-Z"
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault_field.py:0
+#: model:ir.model,name:vault.model_vault_abstract_field
+#, python-format
+msgid "Abstract model to implement basic fields for encryption"
+msgstr "Modelo abstracto para implementar los campos básicos de encriptación"
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#: model:ir.model,name:vault.model_vault_abstract
+#, python-format
+msgid "Abstract model to implement general access rights"
+msgstr "Modelo abstracto para aplicar los derechos de acceso generales"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__accesses
+msgid "Access counter"
+msgstr "Contador de acceso"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__active_key
+msgid "Active Key"
+msgstr "Clave activa"
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_entry
+#: model:ir.ui.menu,name:vault.menu_vault_entry
+msgid "All Entries"
+msgstr "Todos los registros"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow the usage to share secrets with external users"
+msgstr "Permitir el uso para compartir secretos con usuarios externos"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_create
+msgid "Allow to create in the vault"
+msgstr "Permitir crear en el vault"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_delete
+msgid "Allow to delete a vault"
+msgstr "Permitir borrar un vault"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_share
+msgid "Allow to share a vault with new users"
+msgstr "Permitir compartir un vault con nuevos usuarios"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_write
+msgid "Allow to write to the vault"
+msgstr "Permitir escribir en un vault"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_create
+msgid "Allowed Create"
+msgstr "Permitido crear"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_delete
+msgid "Allowed Delete"
+msgstr "Permitido borrar"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_read
+msgid "Allowed Read"
+msgstr "Permitido leer"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_share
+msgid "Allowed Share"
+msgstr "Permitido añadir usuarios"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_write
+msgid "Allowed Write"
+msgstr "Permitido escribir"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "An error occured. Please contact the user or administrator"
+msgstr ""
+"Se ha producido un error. Por favor, póngase en contacto con el usuario o el "
+"administrador"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By user"
+msgstr "Por usuario"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By vault"
+msgstr "Por vault"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+#, python-format
+msgid "Cancel"
+msgstr "Cancelar"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Cancelled"
+msgstr "Cancelado"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Characters:"
+msgstr "Caracteres:"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__child_ids
+msgid "Child"
+msgstr "Hijo"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Childs"
+msgstr "Hijos"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_export_wizard
+msgid "Close"
+msgstr "Cerrar"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+msgid "Complete Name"
+msgstr "Nombre completo"
+
+#. module: vault
+#: model:ir.model,name:vault.model_res_config_settings
+msgid "Config Settings"
+msgstr "Opciones de Configuración"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Confirm your password:"
+msgstr "Confirma tu contraseña:"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Content"
+msgstr "Contenido"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Copy to clipboard"
+msgstr "Copiar al portapapeles"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_create
+msgid "Create"
+msgstr "Creat"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_uid
+msgid "Created by"
+msgstr "Creado por"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Created by %s"
+msgstr "Creado por %s"
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Created by %s via %s"
+msgstr "Creado por %s via %s"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
+#: model:ir.model.fields,field_description:vault.field_vault__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_date
+msgid "Created on"
+msgstr "Creado el"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__crypted_content
+msgid "Crypted Content"
+msgstr "Contenido encriptado"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__current
+msgid "Current"
+msgstr "Actual"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Custom JSON format <b>.json</b>"
+msgstr "Formato JSON personalizado <b>.json</b>"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__content
+msgid "Database"
+msgstr "Base de datos"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_delete
+msgid "Delete"
+msgstr "Borrar"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
+#: model:ir.model.fields,field_description:vault.field_vault__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_log__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_right__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__display_name
+msgid "Display Name"
+msgstr "Nombre a mostrar"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_controller.js:0
+#, python-format
+msgid "Do you really want to create a new key pair and set it active?"
+msgstr "¿Realmente quieres crear un nuevo par de claves y activarlo?"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__content
+msgid "Download"
+msgstr "Descargar"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Enter"
+msgstr "Ingrese a"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Enter your password:"
+msgstr "Ingresa tu contraseña:"
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_open_entries
+#: model:ir.model.fields,field_description:vault.field_vault__entry_ids
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__entry_id
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Entries"
+msgstr "Registros"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__entry_id
+msgid "Entry"
+msgstr "Registro"
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model,name:vault.model_vault_entry
+#, python-format
+msgid "Entry inside a vault"
+msgstr "Entrar al interior de un vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Error"
+msgstr "Error"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__expiration
+msgid "Expiration"
+msgstr "Expiración"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expired
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Expired"
+msgstr "Expirado"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expire_date
+msgid "Expires on"
+msgstr "Expira en"
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Export to file"
+msgstr "Exportar a fichero"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_export_wizard.py:0
+#: model:ir.model,name:vault.model_vault_export_wizard
+#, python-format
+msgid "Export wizard for vaults"
+msgstr "Asistente de exportación para vaults"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to export keys to object store"
+msgstr "Fallo en la exportación de claves al almacén de objetos"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to export the keys to the database"
+msgstr "Fallo en la exportación de claves a la base de datos"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Failed to import keys from database"
+msgstr "Fallo en la importación de claves desde la base de datos"
+
+#. module: vault
+#: code:addons/vault/models/vault_field.py:0
+#: model:ir.model,name:vault.model_vault_field
+#, python-format
+msgid "Field of a vault"
+msgstr "Campo de un vault"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__field_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__field_ids
+msgid "Fields"
+msgstr "Campos"
+
+#. module: vault
+#: code:addons/vault/models/vault_file.py:0
+#: model:ir.model,name:vault.model_vault_file
+#, python-format
+msgid "File of a vault"
+msgstr "Fichero de un vault"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "File to share:"
+msgstr "Fichero a compartir:"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__filename
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__filename
+msgid "Filename"
+msgstr "Nombre del fichero"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__file_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__file_ids
+msgid "Files"
+msgstr "Ficheros"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__fingerprint
+msgid "Fingerprint"
+msgstr "Huella digital"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Generate"
+msgstr "Generar"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Generate a new secret:"
+msgstr "Generar nuevo secreto:"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "Grouped"
+msgstr "Agrupado"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Hide"
+msgstr "Ocultar"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__id
+#: model:ir.model.fields,field_description:vault.field_vault__id
+#: model:ir.model.fields,field_description:vault.field_vault_abstract__id
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_field__id
+#: model:ir.model.fields,field_description:vault.field_vault_file__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__id
+#: model:ir.model.fields,field_description:vault.field_vault_log__id
+#: model:ir.model.fields,field_description:vault.field_vault_right__id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_tag__id
+msgid "ID"
+msgstr "ID"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__expiration
+msgid "If expired the inbox can't be written using the link"
+msgstr ""
+"Si ha caducado, la bandeja de entrada no puede escribirse utilizando el "
+"enlace"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__accesses
+msgid "If this is 0 the inbox can't be written using the link"
+msgstr ""
+"Si esto es 0 la bandeja de entrada no puede ser escrita usando el enlace"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Import"
+msgstr "Importar"
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Import from file"
+msgstr "Importar desde archivo"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard
+#, python-format
+msgid "Import wizard for vaults"
+msgstr "Asistente de importación para vaults"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard_path
+#, python-format
+msgid "Import wizard path for vaults"
+msgstr "Ruta del asistente de importación para vaults"
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
+#: model:ir.ui.menu,name:vault.menu_vault_inbox
+msgid "Inbox"
+msgstr "Bandeja de entrada"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_enabled
+msgid "Inbox Enabled"
+msgstr "Bandeja de entrada habilitada"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_link
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__inbox_link
+msgid "Inbox Link"
+msgstr "Enlace de la bandeja de entrada"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_token
+msgid "Inbox Token"
+msgstr "Token bandeja de entrada"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__include_childs
+msgid "Include Childs"
+msgstr "Incluir hijos"
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Information"
+msgstr "Información"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#, python-format
+msgid "Invalid file to import from"
+msgstr "Archivo inválido para importar"
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#, python-format
+msgid "Invalid parameter"
+msgstr "Parámetro no válido"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr "Token inválido"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
+msgid "Iterations"
+msgstr "Iterations"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iv
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_file__iv
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__iv
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__iv
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__iv
+msgid "Iv"
+msgstr "Iv"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Keepass Database <b>.kdbx</b>"
+msgstr "Base de datos keepass <b>.kdbx</b>"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__key
+#: model:ir.model.fields,field_description:vault.field_vault_right__key
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__key
+msgid "Key"
+msgstr "Clave"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Key Management"
+msgstr "Gestión de claves"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key_user
+msgid "Key User"
+msgstr "Clave de usuario"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Keyfile:"
+msgstr "Archivo de llaves:"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__keys
+msgid "Keys"
+msgstr "Claves"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
+#: model:ir.model.fields,field_description:vault.field_vault____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_entry____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_field____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_file____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_log____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_right____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_tag____last_update
+msgid "Last Modified on"
+msgstr "Última modificación el"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_uid
+msgid "Last Updated by"
+msgstr "Última modificación por"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_date
+#: model:ir.model.fields,field_description:vault.field_vault__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_date
+msgid "Last Updated on"
+msgstr "Última actualización en"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Length:"
+msgstr "Longitud:"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__log_ids
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Log"
+msgstr "Registro"
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#: model:ir.model,name:vault.model_vault_log
+#, python-format
+msgid "Log entry of a vault"
+msgstr "Registro de entrada de un vault"
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_res_users_keys
+msgid "Manage my keys"
+msgstr "Gestionar mis claves"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_file__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_right__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__master_key
+msgid "Master Key"
+msgstr "Clave maestra"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__message
+msgid "Message"
+msgstr "Mensaje"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Missing filename"
+msgstr "Falta el nombre del fichero"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "Missing password"
+msgstr "Falta la contraseña"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__model
+msgid "Model"
+msgstr "Modelo"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__module_vault_share
+msgid "Module Vault Share"
+msgstr "Módulo Vault Share"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_file__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__name
+msgid "Name"
+msgstr "Nombre"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Name of your secret:"
+msgstr "Nombre de tu secreto:"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New inbox link"
+msgstr "Nuevo enlace de la bandeja de entrada"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New private key"
+msgstr "Nueva clave privada"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "No secret found"
+msgstr "No se ha encontrado ningún secreto"
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
+#: model:ir.model.constraint,message:vault.constraint_vault_send_wizard_value_check
+#, python-format
+msgid "No value found"
+msgstr "No se ha encontrado ningún valor"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Not Expired"
+msgstr "No ha caducado"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__note
+#: model:ir.model.fields,field_description:vault.field_vault_entry__note
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Note"
+msgstr "Nota"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__user_id
+msgid "Owner"
+msgstr "Propietario"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__parent_id
+msgid "Parent"
+msgstr "Padre"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__parent_id
+msgid "Parent Entry"
+msgstr "Registro padre"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Password:"
+msgstr "Contraseña:"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__path
+msgid "Path to import"
+msgstr "Ruta de importación"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_entry__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_file__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_user
+msgid "Perm User"
+msgstr "Usuario permanente"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_export.js:0
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Please enter the password for the database"
+msgstr "Por favor, introduzca la contraseña de la base de datos"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Please enter the password for the keepass database"
+msgstr "Por favor, introduzca la contraseña de la base de datos keepass"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault.js:0
+#, python-format
+msgid "Please enter the password for your private key"
+msgstr "Por favor, introduzca la contraseña de su clave privada"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Please enter your password or upload a keyfile:"
+msgstr "Por favor, introduzca su contraseña o cargue un archivo de claves:"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Please specify a name"
+msgstr "Por favor, especifique un nombre"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__private
+msgid "Private"
+msgstr "Privado"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__public
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__public
+msgid "Public"
+msgstr "Público"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__public_key
+msgid "Public Key"
+msgstr "Clave pública"
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_right
+#: model:ir.model.fields,field_description:vault.field_vault__right_ids
+#: model:ir.ui.menu,name:vault.menu_vault_right
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Rights"
+msgstr "Derechos"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Save As..."
+msgstr "Guardar como..."
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr "Guardar en un vault"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret"
+msgstr "Secreto"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret_file
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret_file
+msgid "Secret File"
+msgstr "Archivo de secretos"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret_temporary
+msgid "Secret Temporary"
+msgstr "Secreto temporal"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret to share:"
+msgstr "Secreto a compartir:"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid "Send"
+msgstr "Enviar"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Send the secret to an user"
+msgstr "Enviar secreto a un usuario"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Send the secret to another user"
+msgstr "Enviar secreto a otro usuario"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_share
+msgid "Share"
+msgstr "Compartir"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Show"
+msgstr "Mostrar"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Something went wrong with the encryption"
+msgstr "Algo ha ido mal en el encriptado"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "Special"
+msgstr "Especial"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__state
+msgid "State"
+msgstr "Estado"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "Store"
+msgstr "Tienda"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "Store the secret in a vault"
+msgstr "Guarda el secreto en un vault"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Submit secret"
+msgstr "Enviar secreto"
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Successfully stored"
+msgstr "Guardado correctamente"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__tags
+msgid "Tags"
+msgstr "Etiquetas"
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
+#: model:ir.model.constraint,message:vault.constraint_vault_uuid_uniq
+#, python-format
+msgid "The UUID must be unique."
+msgstr "El UUID debe ser único."
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_widget.js:0
+#, python-format
+msgid "The field is empty, there's nothing to save!"
+msgstr "El campo está vacío, ¡no hay nada que guardar!"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "The files must end on one of the supported file type:"
+msgstr "Los archivos deben terminar en uno de los tipos de archivo admitidos:"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_utils.js:0
+#, python-format
+msgid "The passwords aren't matching"
+msgstr "Las contraseñas no coinciden"
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#, python-format
+msgid ""
+"The requested operation can not be completed due to security restrictions."
+msgstr ""
+"La operación solicitada no puede completarse debido a restricciones de "
+"seguridad."
+
+#. module: vault
+#: code:addons/vault/models/vault_tag.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
+#, python-format
+msgid "The tag must be unique!"
+msgstr "¡La etiqueta debe ser única!"
+
+#. module: vault
+#: code:addons/vault/models/vault_right.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
+#, python-format
+msgid "The user must be unique"
+msgstr "El usuario debe ser único"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_controller.js:0
+#, python-format
+msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
+msgstr "Esto volverá a encriptar todo en el vault. ¿Quieres proceder?"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__token
+msgid "Token"
+msgstr "Token"
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/js/vault_import.js:0
+#, python-format
+msgid "Unsupported file to import"
+msgstr "Archivo no compatible para importar"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__url
+msgid "Url"
+msgstr "Url"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__user_id
+msgid "User"
+msgstr "Usuario"
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#: model:ir.model,name:vault.model_res_users_key
+#, python-format
+msgid "User data of a vault"
+msgstr "Datos de usuario de un vault"
+
+#. module: vault
+#: model:ir.model,name:vault.model_res_users
+msgid "Users"
+msgstr "Usuarios"
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
+msgid ""
+"Using this link you can write to the current inbox. If you want people to "
+"create new inboxes you should give them your inbox link from your key "
+"management."
+msgstr ""
+"Con este enlace puedes escribir en la bandeja de entrada actual. Si quieres "
+"que la gente cree nuevas bandejas de entrada, deberás darles el enlace de tu "
+"bandeja de entrada desde tu gestor de claves."
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__uuid
+#: model:ir.model.fields,field_description:vault.field_vault__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__uuid
+msgid "Uuid"
+msgstr "Uuid"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_field__value
+#: model:ir.model.fields,field_description:vault.field_vault_file__value
+msgid "Value"
+msgstr "Valor"
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: model:ir.actions.act_window,name:vault.action_vault
+#: model:ir.model,name:vault.model_vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__vault_id
+#: model:ir.ui.menu,name:vault.menu_vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+#, python-format
+msgid "Vault"
+msgstr "Vault"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
+msgid "Vault Right"
+msgstr "Permiso de vault"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Vault Share"
+msgstr "Compartir vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox_log.py:0
+#: model:ir.model,name:vault.model_vault_inbox_log
+#, python-format
+msgid "Vault inbox log"
+msgstr "Registro de bandeja de entrada de vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_right.py:0
+#: model:ir.model,name:vault.model_vault_right
+#, python-format
+msgid "Vault rights"
+msgstr "Permisos de vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: model:ir.model,name:vault.model_vault_inbox
+#, python-format
+msgid "Vault share incoming secrets"
+msgstr "Compartir los secretos de entrada de vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_tag.py:0
+#: model:ir.model,name:vault.model_vault_tag
+#, python-format
+msgid "Vault tag"
+msgstr "Etiqueta de vault"
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Warning"
+msgstr "Advertencia"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_store_wizard.py:0
+#: model:ir.model,name:vault.model_vault_store_wizard
+#, python-format
+msgid "Wizard store a shared secret in a vault"
+msgstr "Asistente de almacenado de secreto compartido en un vault"
+
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model,name:vault.model_vault_send_wizard
+#, python-format
+msgid "Wizard to send another user a secret"
+msgstr "Asistente para enviar un secreto a otro usuario"
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_write
+msgid "Write"
+msgstr "Escribir"
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Written by %s via %s"
+msgstr "Escrito por %s via %s"
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "You can not create recursive entries."
+msgstr "No puedes crear registros recrsivos."
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid ""
+"You can only send the secret to the user who has generated a key-pair.\n"
+"                        If an user is not showing please ask him to generate "
+"these."
+msgstr ""
+"Sólo se puede enviar el secreto al usuario que ha generado un par de "
+"claves.\n"
+"                        Si un usuario no aparece, por favor, pídale que los "
+"genere."
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/xml/templates.xml:0
+#, python-format
+msgid "a-z"
+msgstr "a-z"
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "or"
+msgstr "o"
diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index f4553d5aac..7ca577e802 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -4,8 +4,10 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 14.0\n"
+"Project-Id-Version: Odoo Server 13.0\n"
 "Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-06-06 06:57+0000\n"
+"PO-Revision-Date: 2022-06-06 06:57+0000\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "MIME-Version: 1.0\n"
@@ -214,7 +216,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr ""
@@ -300,8 +301,6 @@ msgid "Delete"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
-#: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
@@ -478,7 +477,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr ""
@@ -498,14 +496,11 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
-#: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__id
@@ -672,8 +667,6 @@ msgid "Keys"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
-#: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
@@ -974,8 +967,6 @@ msgstr ""
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -1012,7 +1003,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr ""
@@ -1032,7 +1022,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr ""
@@ -1259,6 +1248,11 @@ msgstr ""
 msgid "Vault tag"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Vaults"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
index 75efd376a9..9aab041237 100644
--- a/vault/models/vault_entry.py
+++ b/vault/models/vault_entry.py
@@ -1,4 +1,5 @@
 # © 2021 Florian Kantelberg - initOS GmbH
+# Copyright 2022 Tecnativa - Víctor Martínez
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import logging
@@ -73,6 +74,38 @@ def _compute_complete_name(self):
             else:
                 rec.complete_name = rec.name
 
+    @api.model
+    def search_panel_select_range(self, field_name, **kwargs):
+        """We add the following contexts related to searchpanel:
+        - entry_short_name: Show just the name instead of full path.
+        - from_search_panel: It will be used to overwrite domain.
+        Remove the limit of records (default is 200).
+        """
+        kwargs.update(limit=False)
+        return super(
+            VaultEntry,
+            self.with_context(from_search_panel=True, entry_short_name=True),
+        ).search_panel_select_range(field_name, **kwargs)
+
+    def search_read(self, domain=None, fields=None, offset=0, limit=None, order=None):
+        """Changes related to searchpanel:
+        - Add a domain to only show records with children.
+        """
+        domain = domain if domain else []
+        if self.env.context.get("from_search_panel"):
+            domain += [("child_ids", "!=", False)]
+        res = super().search_read(
+            domain=domain, fields=fields, offset=offset, limit=limit, order=order
+        )
+        return res
+
+    @api.depends("name", "complete_name")
+    def _compute_display_name(self):
+        if not self.env.context.get("entry_short_name", False):
+            return super()._compute_display_name()
+        for record in self:
+            record.display_name = record.name
+
     @api.depends("expire_date")
     def _compute_expired(self):
         now = datetime.now()
diff --git a/vault/tests/test_vault.py b/vault/tests/test_vault.py
index 545cb615e4..f803c5a496 100644
--- a/vault/tests/test_vault.py
+++ b/vault/tests/test_vault.py
@@ -1,4 +1,5 @@
 # © 2021 Florian Kantelberg - initOS GmbH
+# Copyright 2022 Tecnativa - Víctor Martínez
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import logging
@@ -158,3 +159,8 @@ def test_search_expired(self):
         self.assertTrue(domain[0] == "|")
         self.assertIn(("expire_date", "=", False), domain)
         self.assertTrue(any(("expire_date", ">=") == d[:2] for d in domain))
+
+    def test_vault_entry_search_panel_limit(self):
+        res = self.entry.search_panel_select_range("parent_id")
+        total_items = self.env["vault.entry"].search_count([("child_ids", "!=", False)])
+        self.assertEqual(len(res["values"]), total_items)
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index d72c91f8eb..90000a2df8 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -165,6 +165,7 @@
                     context="{'group_by': 'vault_id'}"
                 />
                 <searchpanel>
+                    <field name="vault_id" string="Vaults" enable_counters="1" />
                     <field name="parent_id" string="Entries" enable_counters="1" />
                 </searchpanel>
             </search>
diff --git a/vault_share/i18n/es.po b/vault_share/i18n/es.po
new file mode 100644
index 0000000000..752e01d09a
--- /dev/null
+++ b/vault_share/i18n/es.po
@@ -0,0 +1,288 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault_share
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 13.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-06-06 07:44+0000\n"
+"PO-Revision-Date: 2022-06-06 09:54+0200\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.3\n"
+"Last-Translator: \n"
+"Language: es\n"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
+msgid "Access counter"
+msgstr "Contador de acceso"
+
+#. module: vault_share
+#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
+#: model:ir.cron,cron_name:vault_share.cron_share_clean
+#: model:ir.cron,name:vault_share.cron_share_clean
+msgid "Clean outgoing share"
+msgstr "Limpiar recurso compartido externo"
+
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_company
+msgid "Companies"
+msgstr "Compañías"
+
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_config_settings
+msgid "Config Settings"
+msgstr "Opciones de Configuración"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
+msgid "Created by"
+msgstr "Creado por"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
+msgid "Created on"
+msgstr "Creado el"
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Days"
+msgstr "Días"
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Delay the deletion of shares"
+msgstr "Retrasar el borrado de recursos compartidos"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
+msgid "Delayed Deletion"
+msgstr "Retrasar borrado"
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
+msgid ""
+"Delays the deletion of a share. After the expiration date it continues to "
+"stay inaccessible"
+msgstr ""
+"Retrasa la eliminación de un recurso compartido. Después de la fecha de "
+"caducidad sigue siendo inaccesible"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
+msgid "Display Name"
+msgstr "Nombre a mostrar"
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Enter the pin:"
+msgstr "Ingresa el pin:"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
+msgid "Expiration"
+msgstr "Expiración"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
+msgid "Filename"
+msgstr "Nombre del fichero"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
+msgid "ID"
+msgstr "ID"
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr "Token inválido"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
+msgid "Iv"
+msgstr "Iv"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
+msgid "Last Modified on"
+msgstr "Última modificación el"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
+msgid "Last Updated by"
+msgstr "Última modificación por"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
+msgid "Last Updated on"
+msgstr "Última actualización en"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
+msgid "Log"
+msgstr "Registro"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
+msgid "Name"
+msgstr "Nombre"
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
+#, python-format
+msgid "No value found"
+msgstr "No se ha encontrado ningún valor"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
+msgid "Pin"
+msgstr "Pin"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr "Guardar en un vault"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
+msgid "Secret"
+msgstr "Secreto"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
+msgid "Secret File"
+msgstr "Archivo de secretos"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
+msgid "Share"
+msgstr "Compartir"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
+msgid "Share URL"
+msgstr "Compartir url"
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/js/vault_fields.js:0
+#, python-format
+msgid "Share the secret"
+msgstr "Compartir el secreto"
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#, python-format
+msgid "Share the secret with an external user"
+msgstr "Compartir el secreto con usuario externo"
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared file:"
+msgstr "Archivo compartido:"
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared secret:"
+msgstr "Secreto compartido:"
+
+#. module: vault_share
+#: model:ir.actions.act_window,name:vault_share.action_vault_share
+#: model:ir.ui.menu,name:vault_share.menu_vault_share
+msgid "Shares"
+msgstr "Recursos comparidos"
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
+msgid "Specifies how long a share can be accessed until deletion."
+msgstr ""
+"Especifica el tiempo que se puede acceder a un recurso compartido hasta "
+"su eliminación."
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
+msgid "Specifies how often a share can be accessed before deletion."
+msgstr ""
+"Especifica la frecuencia con la que se puede acceder a un recurso "
+"compartido antes de eliminarlo."
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__pin
+msgid "The pin needed to decrypt the share."
+msgstr "El pin necesario para descifrar el recurso compartido."
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "The secret expired"
+msgstr "El secreto ha expirado"
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was accessed by %s via %s"
+msgstr "El recurso compartido fue accedido por %s a través de %s"
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was created by %s"
+msgstr "El recurso compartido fue creado por %s"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
+msgid "Token"
+msgstr "Token"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
+msgid "User"
+msgstr "Usuario"
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
+msgid "Using this link and pin people can access the secret."
+msgstr "Utilizando este enlace y el pin la gente puede acceder al secreto."
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
+msgid "Vault Share Delay"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share_log.py:0
+#: model:ir.model,name:vault_share.model_vault_share_log
+#, python-format
+msgid "Vault share log"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model,name:vault_share.model_vault_share
+#, python-format
+msgid "Vault share outgoing secrets"
+msgstr ""
diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
index 8fd3ff71c6..eb4b16924a 100644
--- a/vault_share/i18n/vault_share.pot
+++ b/vault_share/i18n/vault_share.pot
@@ -4,8 +4,10 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 14.0\n"
+"Project-Id-Version: Odoo Server 13.0\n"
 "Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-06-06 07:44+0000\n"
+"PO-Revision-Date: 2022-06-06 07:44+0000\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "MIME-Version: 1.0\n"
@@ -70,8 +72,6 @@ msgid ""
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__display_name
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
 msgid "Display Name"
@@ -93,8 +93,6 @@ msgid "Filename"
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__id
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
 msgid "ID"
@@ -112,8 +110,6 @@ msgid "Iv"
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company____last_update
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
 msgid "Last Modified on"
@@ -163,8 +159,6 @@ msgstr ""
 #. openerp-web
 #: code:addons/vault_share/static/src/xml/templates.xml:0
 #: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -199,7 +193,6 @@ msgstr ""
 #. module: vault_share
 #. openerp-web
 #: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
 msgstr ""

From b14b431d6fde50b67489fc34f2962bfb0a2448e3 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Thu, 1 Sep 2022 15:53:35 +0000
Subject: [PATCH 19/71] Update vault.pot

---
 vault/i18n/vault.pot | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 7ca577e802..3413362249 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -4,10 +4,8 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 13.0\n"
+"Project-Id-Version: Odoo Server 14.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-06-06 06:57+0000\n"
-"PO-Revision-Date: 2022-06-06 06:57+0000\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "MIME-Version: 1.0\n"
@@ -216,6 +214,7 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr ""
@@ -301,6 +300,8 @@ msgid "Delete"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
+#: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
@@ -477,6 +478,7 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr ""
@@ -496,11 +498,14 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
+#: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__id
@@ -667,6 +672,8 @@ msgid "Keys"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
+#: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
@@ -967,6 +974,8 @@ msgstr ""
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -1003,6 +1012,7 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr ""
@@ -1022,6 +1032,7 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/xml/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr ""

From 4b339bfffe1787d08de14bdb03d39b70144fe756 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Thu, 1 Sep 2022 15:53:41 +0000
Subject: [PATCH 20/71] Update vault_share.pot

---
 vault_share/i18n/vault_share.pot | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
index eb4b16924a..8fd3ff71c6 100644
--- a/vault_share/i18n/vault_share.pot
+++ b/vault_share/i18n/vault_share.pot
@@ -4,10 +4,8 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 13.0\n"
+"Project-Id-Version: Odoo Server 14.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-06-06 07:44+0000\n"
-"PO-Revision-Date: 2022-06-06 07:44+0000\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "MIME-Version: 1.0\n"
@@ -72,6 +70,8 @@ msgid ""
 msgstr ""
 
 #. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__display_name
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
 msgid "Display Name"
@@ -93,6 +93,8 @@ msgid "Filename"
 msgstr ""
 
 #. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__id
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
 msgid "ID"
@@ -110,6 +112,8 @@ msgid "Iv"
 msgstr ""
 
 #. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company____last_update
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
 msgid "Last Modified on"
@@ -159,6 +163,8 @@ msgstr ""
 #. openerp-web
 #: code:addons/vault_share/static/src/xml/templates.xml:0
 #: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -193,6 +199,7 @@ msgstr ""
 #. module: vault_share
 #. openerp-web
 #: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/xml/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
 msgstr ""

From 4bfaedc5f26a3ae985b3dd3bf7f1f9d7f9bb093d Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 1 Sep 2022 15:57:11 +0000
Subject: [PATCH 21/71] vault_share 14.0.1.2.0

---
 vault_share/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
index 80235e1c1f..da4bd99552 100644
--- a/vault_share/__manifest__.py
+++ b/vault_share/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault - Share",
     "summary": "Implementation of a mechanism to share secrets",
     "license": "AGPL-3",
-    "version": "14.0.1.1.0",
+    "version": "14.0.1.2.0",
     "website": "https://github.com/OCA/server-auth",
     "application": False,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From b63dbc9ab8b7e72285e0e17ac765706ec727f3e9 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 1 Sep 2022 15:57:12 +0000
Subject: [PATCH 22/71] vault 14.0.1.7.0

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 4f4d1e76c5..004a97f424 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.6.2",
+    "version": "14.0.1.7.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 0a28d5c043d9a94c9bd0b7ff3f745d3cb5f53b94 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Sun, 4 Sep 2022 21:57:10 +0200
Subject: [PATCH 23/71] Fix locking secrets because on re-encryption after
 removal of users the fields and files aren't overwritten

---
 vault/models/vault_file.py              |  10 +-
 vault/static/src/js/vault_controller.js | 155 +++++++++++++++---------
 vault/views/vault_views.xml             |  11 --
 3 files changed, 107 insertions(+), 69 deletions(-)

diff --git a/vault/models/vault_file.py b/vault/models/vault_file.py
index 6c07e9deef..011412d38e 100644
--- a/vault/models/vault_file.py
+++ b/vault/models/vault_file.py
@@ -3,7 +3,7 @@
 
 import logging
 
-from odoo import _, fields, models
+from odoo import _, api, fields, models
 
 _logger = logging.getLogger(__name__)
 
@@ -15,3 +15,11 @@ class VaultFile(models.Model):
     _inherit = ["vault.abstract.field", "vault.abstract"]
 
     value = fields.Binary(attachment=False)
+
+    @api.model
+    def search_read(self, *args, **kwargs):
+        if self.env.context.get("vault_reencrypt"):
+            return super(VaultFile, self.with_context(bin_size=False)).search_read(
+                *args, **kwargs
+            )
+        return super().search_read(*args, **kwargs)
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/js/vault_controller.js
index a0b0ee96da..d70bb481eb 100644
--- a/vault/static/src/js/vault_controller.js
+++ b/vault/static/src/js/vault_controller.js
@@ -186,76 +186,77 @@ odoo.define("vault.controller", function (require) {
          * @param {Object} options
          */
         _deleteVaultRight: async function (record, changes, options) {
+            const self = this;
             const master_key = await utils.generate_key();
             const current_key = await vault.unwrap(record.data.master_key);
 
-            // Update the rights
-            for (const right of record.data.right_ids.data) {
-                if (changes.ids.indexOf(right.id) < 0) {
+            // We only need to re-encrypt once per iteration
+            if (this._vault_changes) return;
+
+            // This stores the additional changes made to rights, fields, and files
+            this._vault_changes = [];
+
+            // Convert the datapoint IDs to database IDs because we are loading
+            const deleted = [];
+            for (const right_id of changes.ids) {
+                const rec = await this.model.get(right_id, {raw: true});
+                deleted.push(rec.res_id);
+            }
+
+            // Update the rights. Load without limit
+            const right_handle = await this.model.load({
+                domain: [["vault_id", "=", record.res_id]],
+                fields: ["key"],
+                modelName: "vault.right",
+                limit: 0,
+                type: "list",
+            });
+
+            const rights = await this.model.get(right_handle, {raw: true});
+            for (const right of rights.data) {
+                if (deleted.indexOf(right.res_id) < 0) {
                     const key = await vault.wrap_with(
                         master_key,
                         right.data.public_key
                     );
 
-                    await this._applyChanges(
-                        record.id,
-                        {
-                            right_ids: {
-                                operation: "UPDATE",
-                                id: right.id,
-                                data: {key: key},
-                            },
-                        },
-                        options
-                    );
+                    await this._applyChanges(right.id, {key: key}, options);
                 }
+                this._vault_changes.push(right.id);
             }
 
-            // Re-encrypt the fields
-            for (const field of record.data.field_ids.data) {
-                const val = await utils.sym_decrypt(
-                    current_key,
-                    field.data.value,
-                    field.data.iv
-                );
-                const iv = utils.generate_iv_base64();
-                const encrypted = await utils.sym_encrypt(master_key, val, iv);
-
-                await this._applyChanges(
-                    record.id,
-                    {
-                        field_ids: {
-                            operation: "UPDATE",
-                            id: field.id,
-                            data: {value: encrypted, iv: iv},
-                        },
-                    },
-                    options
-                );
+            async function reencrypt(model) {
+                // Load the entire data from the database
+                const handle = await self.model.load({
+                    context: {vault_reencrypt: true},
+                    domain: [["vault_id", "=", record.res_id]],
+                    fields: ["iv", "value"],
+                    modelName: model,
+                    limit: 0,
+                    type: "list",
+                });
+
+                const records = await self.model.get(handle, {raw: true});
+                for (const rec of records.data) {
+                    if (!rec.data) continue;
+
+                    const d = rec.data;
+                    const val = await utils.sym_decrypt(current_key, d.value, d.iv);
+                    const iv = utils.generate_iv_base64();
+                    const encrypted = await utils.sym_encrypt(master_key, val, iv);
+
+                    await self._applyChanges(
+                        rec.id,
+                        {value: encrypted, iv: iv},
+                        options
+                    );
+                    self._vault_changes.push(rec.id);
+                }
             }
 
-            // Re-encrypt the files
-            for (const file of record.data.file_ids.data) {
-                const val = await utils.sym_decrypt(
-                    current_key,
-                    file.data.content,
-                    file.data.iv
-                );
-                const iv = utils.generate_iv_base64();
-                const encrypted = await utils.sym_encrypt(master_key, val, iv);
-
-                await this._applyChanges(
-                    record.id,
-                    {
-                        file_ids: {
-                            operation: "UPDATE",
-                            id: file.id,
-                            data: {content: encrypted, iv: iv},
-                        },
-                    },
-                    options
-                );
-            }
+            // Re-encrypt vault.field and vault.file
+            await reencrypt("vault.field");
+            await reencrypt("vault.file");
         },
 
         /**
@@ -350,5 +351,45 @@ odoo.define("vault.controller", function (require) {
 
             return result;
         },
+
+        /**
+         * Check if there are additional changes made which needs to be pushed to
+         * the database
+         *
+         * @override
+         * @param {String} recordID
+         * @param {Object} options
+         */
+        saveRecord: async function (recordID, options) {
+            const res = await this._super(...arguments);
+            if (this.modelName !== "vault") return res;
+
+            if (!this._vault_changes) return res;
+
+            const opts = _.defaults(options || {}, {savePoint: false});
+
+            // Apply the changes to rights, fields, and files
+            const changes = this._vault_changes.slice();
+            this._vault_changes = [];
+            for (const rec_id of changes)
+                await this.model.save(rec_id, {
+                    reload: false,
+                    savePoint: opts.savePoint,
+                });
+            return res;
+        },
+
+        /**
+         * Invalidate the additional vault changes
+         *
+         * @override
+         */
+        _discardChanges: async function () {
+            const res = await this._super(...arguments);
+            if (this.modelName !== "vault") return res;
+
+            this._vault_changes = [];
+            return res;
+        },
     });
 });
diff --git a/vault/views/vault_views.xml b/vault/views/vault_views.xml
index fc1d1ec93a..1b775e05d8 100644
--- a/vault/views/vault_views.xml
+++ b/vault/views/vault_views.xml
@@ -70,17 +70,6 @@
                         <field name="name" />
                         <field name="user_id" />
                         <field name="note" />
-
-                        <field
-                            name="field_ids"
-                            options="{'create': False, 'delete': False}"
-                            invisible="1"
-                        />
-                        <field
-                            name="file_ids"
-                            options="{'create': False, 'delete': False}"
-                            invisible="1"
-                        />
                     </group>
 
                     <notebook>

From d3429a9f1bbede909958921dd17df49e8ab04209 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Tue, 6 Sep 2022 18:41:24 +0000
Subject: [PATCH 24/71] vault 14.0.1.7.1

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 004a97f424..6d1a65fe4b 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.7.0",
+    "version": "14.0.1.7.1",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 10df9e6cb3a50d267f8ee92c037a8b8a5af563d4 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Thu, 8 Sep 2022 20:04:22 +0200
Subject: [PATCH 25/71] Allow an user to invalidate the current key if the
 password is lost - Re-encrypt vaults if the user changes the private key -
 Recompute access. Unittests

---
 vault/controllers/main.py               | 18 ++++++++++++++++-
 vault/models/res_users.py               | 17 ++++++++++++++--
 vault/static/src/js/vault_controller.js | 17 +++++++++++++---
 vault/tests/test_controller.py          | 21 ++++++++++++++++++++
 vault/tests/test_rights.py              |  6 ++++++
 vault/tests/test_user.py                | 26 +++++++++++++++++++++++++
 vault/views/res_users_views.xml         |  7 +++++++
 7 files changed, 106 insertions(+), 6 deletions(-)

diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index 176254fe24..1dea23f710 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -83,6 +83,22 @@ def vault_public(self, user_id):
 
         return {"public_key": user.active_key.public}
 
+    @http.route("/vault/inbox/get", auth="user", type="json")
+    def vault_get_inbox(self):
+        inboxes = request.env.user.inbox_ids
+        return {inbox.token: inbox.key for inbox in inboxes}
+
+    @http.route("/vault/inbox/store", auth="user", type="json")
+    def vault_store_inbox(self, keys):
+        if not isinstance(keys, dict):
+            return
+
+        for inbox in request.env.user.inbox_ids:
+            key = keys.get(inbox.token)
+
+            if isinstance(key, str):
+                inbox.key = key
+
     @http.route("/vault/keys/store", auth="user", type="json")
     def vault_store_keys(self, **kwargs):
         """Store the key pair for the current user"""
@@ -109,4 +125,4 @@ def vault_store_right_keys(self, keys):
             master_key = keys.get(right.vault_id.uuid)
 
             if isinstance(master_key, str):
-                right.key = master_key
+                right.sudo().key = master_key
diff --git a/vault/models/res_users.py b/vault/models/res_users.py
index 4511910c29..5fd4b35b5c 100644
--- a/vault/models/res_users.py
+++ b/vault/models/res_users.py
@@ -19,6 +19,7 @@ class ResUsers(models.Model):
     )
     keys = fields.One2many("res.users.key", "user_id", readonly=True)
     vault_right_ids = fields.One2many("vault.right", "user_id", readonly=True)
+    inbox_ids = fields.One2many("vault.inbox", "user_id")
     inbox_enabled = fields.Boolean(default=True)
     inbox_link = fields.Char(compute="_compute_inbox_link", readonly=True, store=False)
     inbox_token = fields.Char(default=lambda self: uuid4(), readonly=True)
@@ -37,12 +38,24 @@ def _compute_inbox_link(self):
 
     @api.model
     def action_get_vault(self):
-        return self.sudo().env.ref("vault.action_res_users_keys").read()[0]
+        action = self.sudo().env.ref("vault.action_res_users_keys")
+        result = action.read()[0]
+        result["res_id"] = self.env.uid
+        return result
 
     def action_new_inbox_token(self):
         self.ensure_one()
         self.sudo().inbox_token = uuid4()
-        return {"type": "ir.actions.act_window_close"}
+        return self.action_get_vault()
+
+    def action_invalidate_key(self):
+        """Disable the current key and remove all accesses to the vaults"""
+        self.ensure_one()
+        self.keys.write({"current": False})
+        self.vault_right_ids.sudo().unlink()
+        self.inbox_ids.unlink()
+        self.env["vault"].search([])._compute_access()
+        return self.action_get_vault()
 
     @api.model
     def find_user_of_inbox(self, token):
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/js/vault_controller.js
index d70bb481eb..9be7ba098c 100644
--- a/vault/static/src/js/vault_controller.js
+++ b/vault/static/src/js/vault_controller.js
@@ -71,8 +71,6 @@ odoo.define("vault.controller", function (require) {
          * @private
          */
         _newVaultKeyPair: async function () {
-            const master_keys = await this._rpc({route: "/vault/rights/get"});
-
             // Get the current private key
             const private_key = await vault.get_private_key();
 
@@ -82,7 +80,8 @@ odoo.define("vault.controller", function (require) {
             const public_key = await vault.get_public_key();
 
             // Re-encrypt the master keys
-            const result = {};
+            const master_keys = await this._rpc({route: "/vault/rights/get"});
+            let result = {};
             for (const uuid in master_keys) {
                 result[uuid] = await utils.wrap(
                     await utils.unwrap(master_keys[uuid], private_key),
@@ -92,6 +91,18 @@ odoo.define("vault.controller", function (require) {
 
             await this._rpc({route: "/vault/rights/store", params: {keys: result}});
 
+            // Re-encrypt the inboxes to not loose it
+            const inbox_keys = await this._rpc({route: "/vault/inbox/get"});
+            result = {};
+            for (const uuid in inbox_keys) {
+                result[uuid] = await utils.wrap(
+                    await utils.unwrap(inbox_keys[uuid], private_key),
+                    public_key
+                );
+            }
+
+            await this._rpc({route: "/vault/inbox/store", params: {keys: result}});
+
             await this.reload();
         },
 
diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
index ea4c5e5eb5..145004a2aa 100644
--- a/vault/tests/test_controller.py
+++ b/vault/tests/test_controller.py
@@ -169,3 +169,24 @@ def test_vault_store_right_key(self, request_mock):
 
         self.controller.vault_store_right_keys({vault.uuid: "new key"})
         self.assertEqual(vault.right_ids.key, "new key")
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_inbox_keys(self, request_mock):
+        request_mock.env = self.env
+        self.assertFalse(self.controller.vault_get_inbox())
+
+        inbox = self.inbox.copy({"user_id": self.env.uid})
+
+        response = self.controller.vault_get_inbox()
+        self.assertEqual(response, {inbox.token: inbox.key})
+
+    @mute_logger("odoo.sql_db")
+    def test_vault_store_inbox_key(self, request_mock):
+        request_mock.env = self.env
+        inbox = self.inbox.copy({"user_id": self.env.uid})
+        inbox.user_id = self.env.user
+
+        self.controller.vault_store_inbox(None)
+
+        self.controller.vault_store_inbox({inbox.token: "new key"})
+        self.assertEqual(inbox.key, "new key")
diff --git a/vault/tests/test_rights.py b/vault/tests/test_rights.py
index 12f83423df..0cb0d8f25b 100644
--- a/vault/tests/test_rights.py
+++ b/vault/tests/test_rights.py
@@ -132,6 +132,12 @@ def test_user_share_no_permission(self):
         with self.assertRaises(AccessError):
             right.with_user(self.user).create({"vault_id": self.vault.id, "user_id": 2})
 
+        with self.assertRaises(AccessError):
+            right.with_user(self.user).write({"perm_share": True})
+
+        with self.assertRaises(AccessError):
+            right.with_user(self.user).write({"perm_share": True, "key": "abc"})
+
     def test_user_share_granted(self):
         # Granted permission to share
         right = self.env["vault.right"].create(
diff --git a/vault/tests/test_user.py b/vault/tests/test_user.py
index bbddb1a0ec..2655e5e2e6 100644
--- a/vault/tests/test_user.py
+++ b/vault/tests/test_user.py
@@ -32,3 +32,29 @@ def test_user_key_management(self):
         action = self.env.ref("vault.action_res_users_keys")
 
         self.assertEqual(action.id, self.env["res.users"].action_get_vault()["id"])
+
+    def test_invalidation(self):
+        self.env["res.users.key"].store(
+            40000, "invalid", "invalid", "invalid", "invalid", 42
+        )
+        self.assertTrue(self.env.user.keys.filtered("current"))
+
+        vault = self.env["vault"].create({"name": "Test"})
+        self.assertTrue(vault.right_ids)
+
+        inbox = self.env["vault.inbox"].create(
+            {
+                "name": "Inbox Test",
+                "secret": "secret",
+                "iv": "iv",
+                "user_id": self.env.uid,
+                "key": "key",
+                "secret_file": "",
+                "filename": "",
+            }
+        )
+
+        self.env.user.action_invalidate_key()
+        self.assertFalse(self.env.user.keys.filtered("current"))
+        self.assertFalse(inbox.exists())
+        self.assertFalse(vault.right_ids.exists())
diff --git a/vault/views/res_users_views.xml b/vault/views/res_users_views.xml
index 757dd31708..11799f7d06 100644
--- a/vault/views/res_users_views.xml
+++ b/vault/views/res_users_views.xml
@@ -47,6 +47,13 @@
                         string="New inbox link"
                         class="btn-primary"
                     />
+                    <button
+                        name="action_invalidate_key"
+                        type="object"
+                        string="Invalidate private key"
+                        class="btn-secondary"
+                        confirm="You will loose access to all vaults and your inbox. Do you want to continue?"
+                    />
                     <button special="cancel" string="Cancel" class="btn-secondary" />
                 </footer>
             </form>

From 86092279dffe4cc413446474c5a73887a523a977 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Mon, 28 Nov 2022 09:12:19 +0000
Subject: [PATCH 26/71] Update vault.pot

---
 vault/i18n/vault.pot | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 3413362249..113fac5bec 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -566,6 +566,7 @@ msgstr ""
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_ids
 #: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
@@ -618,6 +619,11 @@ msgstr ""
 msgid "Invalid token"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "Invalidate private key"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
@@ -1313,6 +1319,12 @@ msgid ""
 "                        If an user is not showing please ask him to generate these."
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid ""
+"You will loose access to all vaults and your inbox. Do you want to continue?"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0

From d49fe262a333aba1d7267ca0cfdc1bb5393f12f3 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Mon, 28 Nov 2022 09:15:26 +0000
Subject: [PATCH 27/71] vault 14.0.1.8.0

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 6d1a65fe4b..dc5c91fded 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.7.1",
+    "version": "14.0.1.8.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From f56d371b27680d94f1f2b4d286479f1492a92657 Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Mon, 28 Nov 2022 09:15:35 +0000
Subject: [PATCH 28/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-14.0/server-auth-14.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault/
---
 vault/i18n/es.po | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index 97fb12fdf5..9cf7547f6e 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -303,6 +303,8 @@ msgid "Delete"
 msgstr "Borrar"
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
+#: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
@@ -502,6 +504,8 @@ msgid "Hide"
 msgstr "Ocultar"
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
+#: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
 #: model:ir.model.fields,field_description:vault.field_vault_abstract__id
@@ -565,6 +569,7 @@ msgstr "Ruta del asistente de importación para vaults"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_ids
 #: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
@@ -615,6 +620,11 @@ msgstr "Parámetro no válido"
 msgid "Invalid token"
 msgstr "Token inválido"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "Invalidate private key"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
@@ -669,6 +679,8 @@ msgid "Keys"
 msgstr "Claves"
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
+#: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
@@ -1251,6 +1263,16 @@ msgstr "Compartir los secretos de entrada de vault"
 msgid "Vault tag"
 msgstr "Etiqueta de vault"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Vaults"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__version
+msgid "Version"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
@@ -1300,6 +1322,12 @@ msgstr ""
 "                        Si un usuario no aparece, por favor, pídale que los "
 "genere."
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid ""
+"You will loose access to all vaults and your inbox. Do you want to continue?"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0

From 4f8b4a3e0a019d81f6280971fc5fba61aa6dc6d3 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Tue, 29 Nov 2022 18:36:22 +0100
Subject: [PATCH 29/71] Module vault and vault_share

---
 vault/__manifest__.py                         |  24 +-
 vault/i18n/vault.pot                          |  12 -
 vault/models/vault_entry.py                   |  13 +-
 vault/models/vault_inbox.py                   |   8 +-
 vault/static/src/backend/export.esm.js        | 128 ++++
 vault/static/src/backend/import.esm.js        | 244 ++++++++
 .../static/src/{xml => backend}/templates.xml |   0
 vault/static/src/backend/user_menu.esm.js     |  24 +
 vault/static/src/backend/vault.esm.js         | 422 +++++++++++++
 vault/static/src/{scss => backend}/vault.scss |   0
 vault/static/src/common/utils.esm.js          | 571 +++++++++++++++++
 vault/static/src/frontend/inbox.esm.js        |  83 +++
 vault/static/src/js/user_menu.js              |  26 -
 vault/static/src/js/vault.js                  | 433 -------------
 vault/static/src/js/vault_export.js           | 136 ----
 vault/static/src/js/vault_import.js           | 261 --------
 vault/static/src/js/vault_inbox.js            |  87 ---
 vault/static/src/js/vault_utils.js            | 586 ------------------
 .../src/{js => legacy}/vault_controller.js    |   2 +
 .../static/src/{js => legacy}/vault_widget.js |  34 +-
 vault/static/tests/vault_tests.js             |   2 +-
 vault/tests/test_controller.py                | 227 ++++---
 vault/tests/test_rights.py                    |   6 -
 vault/views/assets.xml                        |  38 --
 vault/views/templates.xml                     |   2 +-
 vault/views/vault_entry_views.xml             |  14 +-
 vault/wizards/vault_store_wizard.py           |   4 +-
 vault_share/__manifest__.py                   |  20 +-
 vault_share/models/vault_share.py             |  10 +-
 .../static/src/{xml => backend}/templates.xml |   0
 .../src/{scss => backend}/vault_share.scss    |   0
 vault_share/static/src/common/utils.esm.js    |  16 +
 vault_share/static/src/frontend/share.esm.js  |  50 ++
 vault_share/static/src/js/vault_share.js      |  58 --
 vault_share/static/src/js/vault_utils.js      |  19 -
 .../static/src/{js => legacy}/vault_fields.js |  12 +-
 .../src/{js => legacy}/vault_share_widget.js  |  22 +-
 vault_share/tests/test_share.py               |  30 +-
 vault_share/views/assets.xml                  |  33 -
 vault_share/views/templates.xml               |   6 +-
 40 files changed, 1776 insertions(+), 1887 deletions(-)
 create mode 100644 vault/static/src/backend/export.esm.js
 create mode 100644 vault/static/src/backend/import.esm.js
 rename vault/static/src/{xml => backend}/templates.xml (100%)
 create mode 100644 vault/static/src/backend/user_menu.esm.js
 create mode 100644 vault/static/src/backend/vault.esm.js
 rename vault/static/src/{scss => backend}/vault.scss (100%)
 create mode 100644 vault/static/src/common/utils.esm.js
 create mode 100644 vault/static/src/frontend/inbox.esm.js
 delete mode 100644 vault/static/src/js/user_menu.js
 delete mode 100644 vault/static/src/js/vault.js
 delete mode 100644 vault/static/src/js/vault_export.js
 delete mode 100644 vault/static/src/js/vault_import.js
 delete mode 100644 vault/static/src/js/vault_inbox.js
 delete mode 100644 vault/static/src/js/vault_utils.js
 rename vault/static/src/{js => legacy}/vault_controller.js (99%)
 rename vault/static/src/{js => legacy}/vault_widget.js (95%)
 delete mode 100644 vault/views/assets.xml
 rename vault_share/static/src/{xml => backend}/templates.xml (100%)
 rename vault_share/static/src/{scss => backend}/vault_share.scss (100%)
 create mode 100644 vault_share/static/src/common/utils.esm.js
 create mode 100644 vault_share/static/src/frontend/share.esm.js
 delete mode 100644 vault_share/static/src/js/vault_share.js
 delete mode 100644 vault_share/static/src/js/vault_utils.js
 rename vault_share/static/src/{js => legacy}/vault_fields.js (87%)
 rename vault_share/static/src/{js => legacy}/vault_share_widget.js (95%)
 delete mode 100644 vault_share/views/assets.xml

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index dc5c91fded..6c2f5407c6 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "14.0.1.8.0",
+    "version": "15.0.1.6.1",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
@@ -14,7 +14,6 @@
     "data": [
         "security/ir.model.access.csv",
         "security/ir_rule.xml",
-        "views/assets.xml",
         "views/res_config_settings_views.xml",
         "views/res_users_views.xml",
         "views/vault_entry_views.xml",
@@ -31,5 +30,24 @@
         "wizards/vault_send_wizard.xml",
         "wizards/vault_store_wizard.xml",
     ],
-    "qweb": ["static/src/xml/templates.xml"],
+    "assets": {
+        "vault.assets_frontend": [
+            "vault/static/src/common/*.js",
+            "vault/static/src/frontend/*.js",
+        ],
+        "web.assets_backend": [
+            "vault/static/lib/**/*.min.js",
+            "vault/static/src/common/*.js",
+            "vault/static/src/backend/*.scss",
+            "vault/static/src/backend/*.js",
+            "vault/static/src/legacy/vault_controller.js",
+            "vault/static/src/legacy/vault_widget.js",
+        ],
+        "web.assets_qweb": [
+            "vault/static/src/**/*.xml",
+        ],
+        "web.tests_assets": [
+            "vault/static/tests/**/*.js",
+        ],
+    },
 }
diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 113fac5bec..3413362249 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -566,7 +566,6 @@ msgstr ""
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_inbox
-#: model:ir.model.fields,field_description:vault.field_res_users__inbox_ids
 #: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
@@ -619,11 +618,6 @@ msgstr ""
 msgid "Invalid token"
 msgstr ""
 
-#. module: vault
-#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
-msgid "Invalidate private key"
-msgstr ""
-
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
@@ -1319,12 +1313,6 @@ msgid ""
 "                        If an user is not showing please ask him to generate these."
 msgstr ""
 
-#. module: vault
-#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
-msgid ""
-"You will loose access to all vaults and your inbox. Do you want to continue?"
-msgstr ""
-
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/xml/templates.xml:0
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
index 9aab041237..94abeeb68a 100644
--- a/vault/models/vault_entry.py
+++ b/vault/models/vault_entry.py
@@ -44,6 +44,7 @@ class VaultEntry(models.Model):
         compute="_compute_complete_name",
         store=True,
         readonly=True,
+        recursive=True,
     )
     uuid = fields.Char(default=lambda self: uuid4(), required=True)
     name = fields.Char(required=True)
@@ -81,7 +82,6 @@ def search_panel_select_range(self, field_name, **kwargs):
         - from_search_panel: It will be used to overwrite domain.
         Remove the limit of records (default is 200).
         """
-        kwargs.update(limit=False)
         return super(
             VaultEntry,
             self.with_context(from_search_panel=True, entry_short_name=True),
@@ -94,10 +94,9 @@ def search_read(self, domain=None, fields=None, offset=0, limit=None, order=None
         domain = domain if domain else []
         if self.env.context.get("from_search_panel"):
             domain += [("child_ids", "!=", False)]
-        res = super().search_read(
+        return super().search_read(
             domain=domain, fields=fields, offset=offset, limit=limit, order=order
         )
-        return res
 
     @api.depends("name", "complete_name")
     def _compute_display_name(self):
@@ -124,8 +123,12 @@ def _search_expired(self, operator, value):
     def log_change(self, action):
         self.ensure_one()
         self.log_info(
-            _("%s entry %s by %s")
-            % (action, self.complete_name, self.env.user.display_name)
+            _("%(action)s entry %(name)s by %(user)s")
+            % {
+                "action": action,
+                "name": self.complete_name,
+                "user": self.env.user.display_name,
+            }
         )
 
     @api.model_create_single
diff --git a/vault/models/vault_inbox.py b/vault/models/vault_inbox.py
index f4687d6e7a..d8c8028e22 100644
--- a/vault/models/vault_inbox.py
+++ b/vault/models/vault_inbox.py
@@ -79,8 +79,9 @@ def store_in_inbox(
         filename,
         ip=None,
     ):
+        log_info = {"name": user.name, "ip": ip or "n/a"}
         if len(self) == 0:
-            log = _("Created by %s via %s") % (user.name, ip or "n/a")
+            log = _("Created by %(name)s via %(ip)s") % log_info
             return self.create(
                 {
                     "name": name,
@@ -97,10 +98,7 @@ def store_in_inbox(
 
         self.ensure_one()
         if self.accesses > 0 and datetime.now() < self.expiration:
-            log = _("Written by %s via %s") % (
-                self.env.user.name,
-                ip or "n/a",
-            )
+            log = _("Written by %(name)s via %(ip)s") % log_info
 
             self.write(
                 {
diff --git a/vault/static/src/backend/export.esm.js b/vault/static/src/backend/export.esm.js
new file mode 100644
index 0000000000..abb324f313
--- /dev/null
+++ b/vault/static/src/backend/export.esm.js
@@ -0,0 +1,128 @@
+/** @odoo-module alias=vault.export **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {_t} from "web.core";
+import utils from "vault.utils";
+
+// This class handles the export to different formats by using a standardize
+// JSON formatted data generated by the python backend.
+//
+// JSON format description:
+//
+// Entries are represented as objects with the following attributes
+//  `name`, `uuid`, `url`, `note`
+//     Specific fields of the entry. `uuid` is used for updating existing records
+//  `childs`
+//     Child entries
+//  `fields`, `files`
+//     List of encypted fields/files with `name`, `iv`, and `value`
+//
+export default class VaultExporter {
+    /**
+     * Encrypt a field of the above format properly for the backend to store.
+     * The changes are done inplace.
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} node
+     */
+    async _export_json_entry(master_key, node) {
+        const fields = [];
+        for (const field of node.fields || [])
+            fields.push({
+                name: field.name,
+                value: await utils.sym_decrypt(master_key, field.value, field.iv),
+            });
+
+        const files = [];
+        for (const file of node.files || [])
+            files.push({
+                name: file.name,
+                value: await utils.sym_decrypt(master_key, file.value, file.iv),
+            });
+
+        const childs = [];
+        for (const entry of node.childs || [])
+            childs.push(await this._export_json_entry(master_key, entry));
+
+        return {
+            name: node.name || "",
+            uuid: node.uuid || null,
+            url: node.url || "",
+            note: node.note || "",
+            childs: childs,
+            fields: fields,
+            files: files,
+        };
+    }
+
+    /**
+     * Decrypt the data fro the JSON export.
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} data
+     * @returns the encrypted entry for the database
+     */
+    async _export_json_data(master_key, data) {
+        const result = [];
+        for (const node of data)
+            result.push(await this._export_json_entry(master_key, node));
+        return JSON.stringify(result);
+    }
+
+    /**
+     * Export using JSON format. The database is stored in the `data` field of the JSON
+     * type and is an encrypted JSON object. For the encryption the needed encryption
+     * parameter `iv`, `salt` and `iterations` are stored in the file.
+     * This will add `iv` to fields and files and encrypt the `value`
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} data
+     * @returns the encrypted entry for the database
+     */
+    async _export_json(master_key, data) {
+        // Get the password for the exported file from the user
+        const askpass = await utils.askpass(
+            _t("Please enter the password for the database")
+        );
+        let password = askpass.password || "";
+        if (askpass.keyfile)
+            password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+        const iv = utils.generate_iv_base64();
+        const salt = utils.generate_bytes(utils.SaltLength).buffer;
+        const iterations = 4000;
+        const key = await utils.derive_key(password, salt, iterations);
+
+        // Unwrap the master key and decrypt the entries
+        const content = await this._export_json_data(master_key, JSON.parse(data));
+        return {
+            type: "encrypted",
+            iv: iv,
+            salt: utils.toBase64(salt),
+            data: await utils.sym_encrypt(key, content, iv),
+            iterations: iterations,
+        };
+    }
+
+    /**
+     * The main export functions which checks the file ending and calls the right function
+     * to handle the rest of the export
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} filename
+     * @param {String} content
+     * @returns the data importable by the backend or false on error
+     */
+    async export(master_key, filename, content) {
+        if (!utils.supported()) return false;
+
+        if (filename.endsWith(".json"))
+            return await this._export_json(master_key, content);
+        return false;
+    }
+}
diff --git a/vault/static/src/backend/import.esm.js b/vault/static/src/backend/import.esm.js
new file mode 100644
index 0000000000..c2033d740b
--- /dev/null
+++ b/vault/static/src/backend/import.esm.js
@@ -0,0 +1,244 @@
+/** @odoo-module alias=vault.import **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+/* global kdbxweb */
+
+import {_t} from "web.core";
+import framework from "web.framework";
+import utils from "vault.utils";
+
+async function encrypted_field(master_key, name, value) {
+    if (!value) return null;
+
+    const iv = utils.generate_iv_base64();
+    return {
+        name: name,
+        iv: iv,
+        value: await utils.sym_encrypt(master_key, value, iv),
+    };
+}
+
+// This class handles the import from different formats by returning
+// an importable JSON formatted data which will be handled by the python
+// backend.
+//
+// JSON format description:
+//
+// Entries are represented as objects with the following attributes
+//  `name`, `uuid`, `url`, `note`
+//     Specific fields of the entry. `uuid` is used for updating existing records
+//  `childs`
+//     Child entries
+//  `fields`, `files`
+//     List of encypted fields/files with `name`, `iv`, and `value`
+//
+export default class VaultImporter {
+    /**
+     * Encrypt a field of the above format properly for the backend to store.
+     * The changes are done inplace.
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} node
+     */
+    async _import_json_entry(master_key, node) {
+        for (const field of node.fields || []) {
+            field.iv = utils.generate_iv_base64();
+            field.value = await utils.sym_encrypt(master_key, field.value, field.iv);
+        }
+
+        for (const file of node.files || []) {
+            file.iv = utils.generate_iv_base64();
+            file.value = await utils.sym_encrypt(master_key, file.value, file.iv);
+        }
+
+        for (const entry of node.childs || [])
+            await this._import_json_entry(master_key, entry);
+    }
+
+    /**
+     * Encrypt the data from the JSON import. This will add `iv` to fields and files
+     * and encrypt the `value`
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} data
+     * @returns the encrypted entry for the database
+     */
+    async _import_json_data(master_key, data) {
+        for (const node of data) await this._import_json_entry(master_key, node);
+        return data;
+    }
+
+    /**
+     * Load from an encrypted JSON file. Encrypt the data with similar format as
+     * described above. This will add `iv` to fields and files and encrypt the `value`
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} content
+     * @returns the encrypted entry for the database
+     */
+    async _import_encrypted_json(master_key, content) {
+        const askpass = await utils.askpass(
+            _t("Please enter the password for the database")
+        );
+        let password = askpass.password || "";
+        if (askpass.keyfile)
+            password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+        const key = await utils.derive_key(
+            password,
+            utils.fromBase64(content.salt),
+            content.iterations
+        );
+        const result = await utils.sym_decrypt(key, content.data, content.iv);
+        return await this._import_json_data(master_key, JSON.parse(result));
+    }
+
+    /**
+     * Import using JSON format. The database is stored in the `data` field of the JSON
+     * type and is either a JSON object or an encrypted JSON object. For the encryption
+     * the needed encryption parameter `iv`, `salt` and `iterations` are stored in the
+     * file. This will add `iv` to fields and files and encrypt the `value`
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} data
+     * @returns the encrypted entry for the database
+     */
+    async _import_json(master_key, data) {
+        // Unwrap the master key and encrypt the entries
+        const result = JSON.parse(data);
+        switch (result.type) {
+            case "encrypted":
+                return await this._import_encrypted_json(master_key, result);
+            case "raw":
+                return await this._import_json_data(master_key, result.data);
+        }
+
+        throw Error(_t("Unsupported file to import"));
+    }
+
+    /**
+     * Encrypt an entry from the kdbx file properly for the backend to store
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} entry
+     * @returns the encrypted entry for the database
+     */
+    async _import_kdbx_entry(master_key, entry) {
+        let pass = entry.fields.Password;
+        if (pass) pass = pass.getText();
+
+        const res = {
+            uuid: entry.uuid && entry.uuid.id,
+            note: entry.fields.Notes,
+            name: entry.fields.Title,
+            url: entry.fields.URL,
+            fields: [
+                await encrypted_field(master_key, "Username", entry.fields.UserName),
+                await encrypted_field(master_key, "Password", pass),
+            ],
+            files: [],
+        };
+
+        for (const name in entry.binaries)
+            res.files.push(
+                await encrypted_field(
+                    master_key,
+                    name,
+                    utils.toBase64(entry.binaries[name].value)
+                )
+            );
+
+        return res;
+    }
+
+    /**
+     * Handle a kdbx group entry by creating an sub-entry and calling the right functions
+     * on the childs
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {Object} group
+     * @returns the encrypted entry for the database
+     */
+    async _import_kdbx_group(master_key, group) {
+        const res = {
+            uuid: group.uuid && group.uuid.id,
+            name: group.name,
+            note: group.notes,
+            childs: [],
+        };
+
+        for (const sub_group of group.groups || [])
+            res.childs.push(await this._import_kdbx_group(master_key, sub_group));
+
+        for (const entry of group.entries || [])
+            res.childs.push(await this._import_kdbx_entry(master_key, entry));
+
+        return res;
+    }
+
+    /**
+     * Load a kdbx file, encrypt the data, and return in the described JSON format
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} data
+     * @returns the encrypted data for the backend
+     */
+    async _import_kdbx(master_key, data) {
+        // Get the credentials of the keepass database
+        const askpass = await utils.askpass(
+            _t("Please enter the password for the keepass database")
+        );
+
+        // TODO: challenge-response
+        const credentials = new kdbxweb.Credentials(
+            (askpass.password && kdbxweb.ProtectedValue.fromString(askpass.password)) ||
+                null,
+            askpass.keyfile || null
+        );
+
+        // Convert the data to an ArrayBuffer
+        const buffer = utils.fromBinary(data);
+
+        // Decrypt the database
+        const db = await kdbxweb.Kdbx.load(buffer, credentials);
+
+        try {
+            // Unwrap the master key, format, and encrypt the database
+            framework.blockUI();
+            const result = [];
+            for (const group of db.groups)
+                result.push(await this._import_kdbx_group(master_key, group));
+            return result;
+        } finally {
+            framework.unblockUI();
+        }
+    }
+
+    /**
+     * The main import functions which checks the file ending and calls the right function
+     * to handle the rest of the import
+     *
+     * @private
+     * @param {CryptoKey} master_key
+     * @param {String} filename
+     * @param {String} content
+     * @returns the data importable by the backend or false on error
+     */
+    async import(master_key, filename, content) {
+        if (!utils.supported()) return false;
+
+        if (filename.endsWith(".json"))
+            return await this._import_json(master_key, content);
+        else if (filename.endsWith(".kdbx"))
+            return await this._import_kdbx(master_key, content);
+        return false;
+    }
+}
diff --git a/vault/static/src/xml/templates.xml b/vault/static/src/backend/templates.xml
similarity index 100%
rename from vault/static/src/xml/templates.xml
rename to vault/static/src/backend/templates.xml
diff --git a/vault/static/src/backend/user_menu.esm.js b/vault/static/src/backend/user_menu.esm.js
new file mode 100644
index 0000000000..8b3297956c
--- /dev/null
+++ b/vault/static/src/backend/user_menu.esm.js
@@ -0,0 +1,24 @@
+/** @odoo-module **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {registry} from "@web/core/registry";
+
+export function vaultPreferencesItem(env) {
+    return {
+        type: "item",
+        id: "key_management",
+        description: env._t("Key Management"),
+        callback: async function () {
+            const actionDescription = await env.services.orm.call(
+                "res.users",
+                "action_get_vault"
+            );
+            actionDescription.res_id = env.services.user.userId;
+            env.services.action.doAction(actionDescription);
+        },
+        sequence: 55,
+    };
+}
+
+registry.category("user_menuitems").add("key", vaultPreferencesItem, {force: true});
diff --git a/vault/static/src/backend/vault.esm.js b/vault/static/src/backend/vault.esm.js
new file mode 100644
index 0000000000..8abd5db992
--- /dev/null
+++ b/vault/static/src/backend/vault.esm.js
@@ -0,0 +1,422 @@
+/** @odoo-module alias=vault **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+// web.dom_ready
+import * as utils from "vault.utils";
+import {_t} from "web.core";
+import ajax from "web.ajax";
+import {session} from "web.session";
+
+// Database name on the browser
+const Database = "vault";
+
+const indexedDB =
+    window.indexedDB ||
+    window.mozIndexedDB ||
+    window.webkitIndexedDB ||
+    window.msIndexedDB ||
+    window.shimIndexedDB;
+
+// Expiration time of the vault store entries
+const Expiration = 15 * 60 * 1000;
+
+/**
+ * Ask the user to enter a password using a dialog and put the password together
+ *
+ * @param {Boolean} confirm
+ * @returns password
+ */
+async function askpassword(confirm = false) {
+    const askpass = await utils.askpass(
+        _t("Please enter the password for your private key"),
+        {confirm: confirm}
+    );
+
+    let password = askpass.password || "";
+    if (askpass.keyfile)
+        password += await utils.digest(utils.toBinary(askpass.keyfile));
+
+    return password;
+}
+
+// Vault implementation
+class Vault {
+    /**
+     * Check if the user actually has keys otherwise generate them on init
+     *
+     * @override
+     */
+    constructor() {
+        var self = this;
+
+        function waitAndCheck() {
+            if (!utils.supported()) return null;
+
+            if (odoo.isReady) self._initialize_keys();
+            else setTimeout(waitAndCheck, 500);
+        }
+
+        setTimeout(waitAndCheck, 500);
+    }
+
+    /**
+     * RPC call to the backend
+     *
+     * @param {String} url
+     * @param {Object} params
+     * @param {Object} options
+     * @returns promise
+     */
+    rpc(url, params, options) {
+        return ajax.jsonRpc(url, "call", params, _.clone(options || {}));
+    }
+
+    /**
+     * Generate a new key pair and export to database and object store
+     */
+    async generate_keys() {
+        this.keys = await utils.generate_key_pair();
+        this.time = new Date();
+
+        if (!(await this._export_to_database()))
+            throw Error(_t("Failed to export the keys to the database"));
+
+        await this._export_to_store();
+    }
+
+    /**
+     * Check if export to database is required due to key migration
+     *
+     * @private
+     * @param {String} password
+     */
+    async _check_key_migration(password = null) {
+        if (!this.version) await this._export_to_database(password);
+    }
+
+    /**
+     * Lazy initialization of the keys which is not fully loading the keys
+     * into the javascript but ensures that keys exist in the database to
+     * to be loaded
+     *
+     * @private
+     */
+    async _initialize_keys() {
+        // Get the uuid of the currently active keys from the database
+        this.uuid = await this._check_database();
+        if (this.uuid) {
+            // If the object store has the keys it's done
+            if (await this._import_from_store()) return;
+
+            // Otherwise an import from the database and export to the object store
+            // is needed
+            if (await this._import_from_database()) {
+                await this._export_to_store();
+                return true;
+            }
+
+            // This should be silent because it would influence the entire workflow
+            console.error("Failed to import the keys from the database");
+            return false;
+        }
+
+        // There are no keys in the database which means we have to generate them
+        return await this.generate_keys();
+    }
+
+    /**
+     * Ensure that the keys are available
+     *
+     * @private
+     */
+    async _ensure_keys() {
+        // Check if the keys expired
+        const now = new Date();
+        if (now - this.time <= Expiration) return;
+
+        // Keys expired means that we have to get them again
+        this.keys = this.time = null;
+
+        // Clear the object store first
+        const store = await this._get_object_store();
+        store.clear();
+
+        // Import the keys from the database
+        if (!(await this._import_from_database()))
+            throw Error(_t("Failed to import keys from database"));
+
+        // Store the imported keys in the object store for the next calls
+        if (!(await this._export_to_store()))
+            throw Error(_t("Failed to export keys to object store"));
+
+        return;
+    }
+
+    /**
+     * Get the private key and check if the keys expired
+     *
+     * @returns the private key of the user
+     */
+    async get_private_key() {
+        await this._ensure_keys();
+        return this.keys.privateKey;
+    }
+
+    /**
+     * Get the public key and check if the keys expired
+     *
+     * @returns the public key of the user
+     */
+    async get_public_key() {
+        await this._ensure_keys();
+        return this.keys.publicKey;
+    }
+
+    /**
+     * Open the indexed DB and return object store using promise
+     *
+     * @private
+     * @returns a promise
+     */
+    _get_object_store() {
+        return new Promise((resolve, reject) => {
+            const open = indexedDB.open(Database, 1);
+            open.onupgradeneeded = function () {
+                const db = open.result;
+                db.createObjectStore(Database, {keyPath: "id"});
+            };
+
+            open.onerror = function (event) {
+                reject(`error opening database ${event.target.errorCode}`);
+            };
+
+            open.onsuccess = function () {
+                const db = open.result;
+                const tx = db.transaction(Database, "readwrite");
+
+                resolve(tx.objectStore(Database));
+
+                tx.oncomplete = function () {
+                    db.close();
+                };
+            };
+        });
+    }
+
+    /**
+     * Open the object store and extract the keys using the id
+     *
+     * @private
+     * @param {String} uuid
+     * @returns the result from the object store or false
+     */
+    async _get_keys(uuid) {
+        const self = this;
+        return new Promise((resolve, reject) => {
+            self._get_object_store().then((store) => {
+                const request = store.get(uuid);
+                request.onerror = function (event) {
+                    reject(`error opening database ${event.target.errorCode}`);
+                };
+                request.onsuccess = function () {
+                    resolve(request.result);
+                };
+            });
+        });
+    }
+
+    /**
+     * Check if the keys exist in the database
+     *
+     * @returns the uuid of the currently active keys or false
+     */
+    async _check_database() {
+        const params = await this.rpc("/vault/keys/get");
+        if (Object.keys(params).length && params.uuid) return params.uuid;
+        return false;
+    }
+
+    /**
+     * Check if the keys exist in the store
+     *
+     * @private
+     * @param {String} uuid
+     * @returns if the keys are in the object store
+     */
+    async _check_store(uuid) {
+        if (!uuid) return false;
+
+        const result = await this._get_keys(uuid);
+        return Boolean(result && result.keys);
+    }
+
+    /**
+     * Import the keys from the indexed DB
+     *
+     * @private
+     * @returns if the import from the object store succeeded
+     */
+    async _import_from_store() {
+        const data = await this._get_keys(this.uuid);
+        if (data) {
+            this.keys = data.keys;
+            this.time = data.time;
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Export the current keys to the indexed DB
+     *
+     * @private
+     * @returns true
+     */
+    async _export_to_store() {
+        const keys = {id: this.uuid, keys: this.keys, time: this.time};
+        const store = await this._get_object_store();
+        store.put(keys);
+        return true;
+    }
+
+    /**
+     * Export the key pairs to the backends
+     *
+     * @private
+     * @param {String} password
+     * @returns if the export to the database succeeded
+     */
+    async _export_to_database(password = null) {
+        // Generate salt for the user key
+        this.salt = utils.generate_bytes(utils.SaltLength).buffer;
+        this.iterations = 4000;
+        this.version = 1;
+
+        // Wrap the private key with the master key of the user
+        this.iv = utils.generate_bytes(utils.IVLength);
+
+        // Request the password from the user and derive the user key
+        const pass = await utils.derive_key(
+            password || (await askpassword(true)),
+            this.salt,
+            this.iterations
+        );
+
+        // Export the private key wrapped with the master key
+        const private_key = await utils.export_private_key(
+            await this.get_private_key(),
+            pass,
+            this.iv
+        );
+
+        // Export the public key
+        const public_key = await utils.export_public_key(await this.get_public_key());
+
+        const params = {
+            public: public_key,
+            private: private_key,
+            iv: utils.toBase64(this.iv),
+            iterations: this.iterations,
+            salt: utils.toBase64(this.salt),
+            version: this.version,
+        };
+
+        // Export to the server
+        const response = await this.rpc("/vault/keys/store", params);
+        if (response) {
+            this.uuid = response;
+            return true;
+        }
+
+        console.error("Failed to export keys to database");
+        return false;
+    }
+
+    /**
+     * Import the keys from the backend and decrypt the private key
+     *
+     * @private
+     * @returns if the import succeeded
+     */
+    async _import_from_database() {
+        const params = await this.rpc("/vault/keys/get");
+        if (Object.keys(params).length) {
+            this.salt = utils.fromBase64(params.salt);
+            this.iterations = params.iterations;
+            this.version = params.version || 0;
+
+            // Request the password from the user and derive the user key
+            const raw_password = await askpassword(false);
+            let password = raw_password;
+
+            // Compatibility
+            if (!this.version) password = session.username + "|" + password;
+
+            const pass = await utils.derive_key(password, this.salt, this.iterations);
+
+            this.keys = {
+                publicKey: await utils.load_public_key(params.public),
+                privateKey: await utils.load_private_key(
+                    params.private,
+                    pass,
+                    params.iv
+                ),
+            };
+
+            this.time = new Date();
+            this.uuid = params.uuid;
+
+            this._check_key_migration(raw_password);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Wrap the master key with the own public key
+     *
+     * @param {CryptoKey} master_key
+     * @returns wrapped master key
+     */
+    async wrap(master_key) {
+        return await utils.wrap(master_key, await this.get_public_key());
+    }
+
+    /**
+     * Wrap the master key with a public key given as string
+     *
+     * @param {CryptoKey} master_key
+     * @param {String} public_key
+     * @returns wrapped master key
+     */
+    async wrap_with(master_key, public_key) {
+        const pub_key = await utils.load_public_key(public_key);
+        return await utils.wrap(master_key, pub_key);
+    }
+
+    /**
+     * Unwrap the master key with the own private key
+     *
+     * @param {CryptoKey} master_key
+     * @returns unwrapped master key
+     */
+    async unwrap(master_key) {
+        return await utils.unwrap(master_key, await this.get_private_key());
+    }
+
+    /**
+     * Share a wrapped master key by unwrapping with own private key and wrapping with
+     * another key
+     *
+     * @param {String} master_key
+     * @param {String} public_key
+     * @returns wrapped master key
+     */
+    async share(master_key, public_key) {
+        const key = await this.unwrap(master_key);
+        return await this.wrap_with(key, public_key);
+    }
+}
+
+export default new Vault();
diff --git a/vault/static/src/scss/vault.scss b/vault/static/src/backend/vault.scss
similarity index 100%
rename from vault/static/src/scss/vault.scss
rename to vault/static/src/backend/vault.scss
diff --git a/vault/static/src/common/utils.esm.js b/vault/static/src/common/utils.esm.js
new file mode 100644
index 0000000000..95a5a3114b
--- /dev/null
+++ b/vault/static/src/common/utils.esm.js
@@ -0,0 +1,571 @@
+/** @odoo-module alias=vault.utils **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {_t, qweb} from "web.core";
+import Dialog from "web.Dialog";
+
+const CryptoAPI = window.crypto.subtle;
+
+// Some basic constants used for the entire vaults
+const AsymmetricName = "RSA-OAEP";
+const Hash = "SHA-512";
+const SymmetricName = "AES-GCM";
+
+const HashLength = 10;
+const IVLength = 12;
+const SaltLength = 32;
+
+const Asymmetric = {
+    name: AsymmetricName,
+    modulusLength: 4096,
+    publicExponent: new Uint8Array([1, 0, 1]),
+    hash: Hash,
+};
+const Symmetric = {
+    name: SymmetricName,
+    length: 256,
+};
+
+/**
+ * Checks if the CryptoAPI is available and the vault feature supported
+ *
+ * @returns if vault is supported
+ */
+function supported() {
+    return Boolean(CryptoAPI);
+}
+
+/**
+ * Converts an ArrayBuffer to an ASCII string
+ *
+ * @param {ArrayBuffer} buffer
+ * @returns the data converted to a string
+ */
+function toBinary(buffer) {
+    if (!buffer) return "";
+
+    const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
+        return String.fromCharCode(b);
+    });
+    return chars.join("");
+}
+
+/**
+ * Converts an ASCII string to an ArrayBuffer
+ *
+ * @param {String} binary
+ * @returns the data converted to an ArrayBuffer
+ */
+function fromBinary(binary) {
+    const len = binary.length;
+    const bytes = new Uint8Array(len);
+    for (let i = 0; i < len; i++) bytes[i] = binary.charCodeAt(i);
+    return bytes.buffer;
+}
+
+/**
+ * Converts an ArrayBuffer to a Base64 encoded string
+ *
+ * @param {ArrayBuffer} buffer
+ * @returns Base64 string
+ */
+function toBase64(buffer) {
+    if (!buffer) return "";
+
+    const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
+        return String.fromCharCode(b);
+    });
+    return btoa(chars.join(""));
+}
+
+/**
+ * Converts an Base64 encoded string to an ArrayBuffer
+ *
+ * @param {String} base64
+ * @returns the data converted to an ArrayBuffer
+ */
+function fromBase64(base64) {
+    if (!base64) {
+        const bytes = new Uint8Array(0);
+        return bytes.buffer;
+    }
+
+    const binary_string = atob(base64);
+    const len = binary_string.length;
+    const bytes = new Uint8Array(len);
+    for (let i = 0; i < len; i++) bytes[i] = binary_string.charCodeAt(i);
+    return bytes.buffer;
+}
+
+/**
+ * Generate random bytes used for salts or IVs
+ *
+ * @param {int} length
+ * @returns an array with length random bytes
+ */
+function generate_bytes(length) {
+    const buf = new Uint8Array(length);
+    window.crypto.getRandomValues(buf);
+    return buf;
+}
+
+/**
+ * Generate random bytes used for salts or IVs encoded as base64
+ *
+ * @returns base64 string
+ */
+function generate_iv_base64() {
+    return toBase64(generate_bytes(IVLength));
+}
+
+/**
+ * Generate a random secret with specific characters
+ *
+ * @param {int} length
+ * @param {String} characters
+ * @returns base64 string
+ */
+function generate_secret(length, characters) {
+    let result = "";
+    const len = characters.length;
+    for (const k of generate_bytes(length))
+        result += characters[Math.floor((len * k) / 256)];
+    return result;
+}
+
+/**
+ * Generate a symmetric key for encrypting and decrypting
+ *
+ * @returns symmetric key
+ */
+async function generate_key() {
+    return await CryptoAPI.generateKey(Symmetric, true, ["encrypt", "decrypt"]);
+}
+
+/**
+ * Generate an asymmetric key pair for encrypting, decrypting, wrapping and unwrapping
+ *
+ * @returns asymmetric key
+ */
+async function generate_key_pair() {
+    return await CryptoAPI.generateKey(Asymmetric, true, [
+        "wrapKey",
+        "unwrapKey",
+        "decrypt",
+        "encrypt",
+    ]);
+}
+
+/**
+ * Generate a hash of the given data
+ *
+ * @param {String} data
+ * @returns base64 encoded hash of the data
+ */
+async function digest(data) {
+    const encoder = new TextEncoder();
+    return toBase64(await CryptoAPI.digest(Hash, encoder.encode(data)));
+}
+
+/**
+ * Ask the user to enter a password using a dialog
+ *
+ * @param {String} title of the dialog
+ * @param {Object} options
+ * @returns promise
+ */
+function askpass(title, options = {}) {
+    var self = this;
+
+    if (options.password === undefined) options.password = true;
+    if (options.keyfile === undefined) options.keyfile = true;
+
+    return new Promise((resolve, reject) => {
+        var dialog = new Dialog(self, {
+            title: title,
+            $content: $(qweb.render("vault.askpass", options)),
+            buttons: [
+                {
+                    text: _t("Enter"),
+                    classes: "btn-primary",
+                    click: async function () {
+                        const password = this.$("#password").val();
+                        const keyfile = this.$("#keyfile")[0].files[0];
+
+                        if (!password && !keyfile) {
+                            Dialog.alert(this, _t("Missing password"));
+                            return;
+                        }
+
+                        if (options.confirm) {
+                            const confirm = this.$("#confirm").val();
+
+                            if (confirm !== password) {
+                                Dialog.alert(this, _t("The passwords aren't matching"));
+                                return;
+                            }
+                        }
+
+                        dialog.close();
+
+                        let keyfile_content = null;
+                        if (keyfile) keyfile_content = fromBinary(await keyfile.text());
+
+                        resolve({
+                            password: password,
+                            keyfile: keyfile_content,
+                        });
+                    },
+                },
+                {
+                    text: _t("Cancel"),
+                    click: function () {
+                        dialog.close();
+                        reject(_t("Cancelled"));
+                    },
+                },
+            ],
+        });
+
+        dialog.open();
+    });
+}
+
+/**
+ * Ask the user to enter a password using a dialog
+ *
+ * @param {String} title of the dialog
+ * @param {Object} options
+ * @returns promise
+ */
+function generate_pass(title, options = {}) {
+    var self = this;
+
+    const $content = $(qweb.render("vault.generate_pass", options));
+    const $password = $content.find("#password")[0];
+    const $length = $content.find("#length")[0];
+    const $big = $content.find("#big_letter")[0];
+    const $small = $content.find("#small_letter")[0];
+    const $digits = $content.find("#digits")[0];
+    const $special = $content.find("#special")[0];
+    var password = null;
+
+    function gen_pass() {
+        let characters = "";
+        if ($big.checked) characters += "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+        if ($small.checked) characters += "abcdefghijklmnopqrstuvwxyz";
+        if ($digits.checked) characters += "0123456789";
+        if ($special.checked) characters += "!?$%&/()[]{}|<>,;.:-_#+*\\";
+
+        if (characters)
+            $password.innerHTML = password = generate_secret($length.value, characters);
+    }
+
+    $length.onchange =
+        $big.onchange =
+        $small.onchange =
+        $digits.onchange =
+        $special.onchange =
+            gen_pass;
+
+    gen_pass();
+
+    return new Promise((resolve, reject) => {
+        var dialog = new Dialog(self, {
+            title: title,
+            $content: $content,
+            buttons: [
+                {
+                    text: _t("Enter"),
+                    classes: "btn-primary",
+                    click: async function () {
+                        if (!password) throw new Error(_t("Missing password"));
+
+                        dialog.close();
+                        resolve(password);
+                    },
+                },
+                {
+                    text: _t("Cancel"),
+                    click: function () {
+                        dialog.close();
+                        reject(_t("Cancelled"));
+                    },
+                },
+            ],
+        });
+
+        dialog.open();
+    });
+}
+
+/**
+ * Derive a key using the given data, salt and iterations using PBKDF2
+ *
+ * @param {String} data
+ * @param {String} salt
+ * @param {int} iterations
+ * @returns the derived key
+ */
+async function derive_key(data, salt, iterations) {
+    const enc = new TextEncoder();
+    const material = await CryptoAPI.importKey(
+        "raw",
+        enc.encode(data),
+        "PBKDF2",
+        false,
+        ["deriveBits", "deriveKey"]
+    );
+
+    return await CryptoAPI.deriveKey(
+        {
+            name: "PBKDF2",
+            salt: salt,
+            iterations: iterations,
+            hash: Hash,
+        },
+        material,
+        Symmetric,
+        false,
+        ["wrapKey", "unwrapKey", "encrypt", "decrypt"]
+    );
+}
+
+/**
+ * Encrypt the data using a public key
+ *
+ * @param {CryptoKey} public_key
+ * @param {String} data
+ * @returns the encrypted data
+ */
+async function asym_encrypt(public_key, data) {
+    if (!data) return data;
+
+    const enc = new TextEncoder();
+    return toBase64(
+        await CryptoAPI.encrypt({name: AsymmetricName}, public_key, enc.encode(data))
+    );
+}
+
+/**
+ * Decrypt the data using the own private key
+ *
+ * @param {CryptoKey} private_key
+ * @param {String} crypted
+ * @returns the decrypted data
+ */
+async function asym_decrypt(private_key, crypted) {
+    if (!crypted) return crypted;
+
+    const dec = new TextDecoder();
+    return dec.decode(
+        await CryptoAPI.decrypt(
+            {name: AsymmetricName},
+            private_key,
+            fromBase64(crypted)
+        )
+    );
+}
+
+/**
+ * Symmetrically encrypt the data using a master key
+ *
+ * @param {CryptoKey} key
+ * @param {String} data
+ * @param {String} iv
+ * @returns the encrypted data
+ */
+async function sym_encrypt(key, data, iv) {
+    if (!data) return data;
+
+    const hash = await digest(data);
+    const enc = new TextEncoder();
+    return toBase64(
+        await CryptoAPI.encrypt(
+            {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+            key,
+            enc.encode(hash.slice(0, HashLength) + data)
+        )
+    );
+}
+
+/**
+ * Symmetrically decrypt the data using a master key
+ *
+ * @param {CryptoKey} key
+ * @param {String} crypted
+ * @param {String} iv
+ * @returns the decrypted data
+ */
+async function sym_decrypt(key, crypted, iv) {
+    if (!crypted) return crypted;
+
+    try {
+        const dec = new TextDecoder();
+        const message = dec.decode(
+            await CryptoAPI.decrypt(
+                {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+                key,
+                fromBase64(crypted)
+            )
+        );
+
+        const data = message.slice(HashLength);
+        const hash = await digest(data);
+        // Compare the hash and return if integer
+        if (hash.slice(0, HashLength) === message.slice(0, HashLength)) return data;
+
+        console.error("Invalid data hash");
+        // Wrong hash
+        return null;
+    } catch (err) {
+        console.error(err);
+        return null;
+    }
+}
+
+/**
+ * Load a public key
+ *
+ * @param {String} public_key
+ * @returns the public key as CryptoKey
+ */
+async function load_public_key(public_key) {
+    return await CryptoAPI.importKey("spki", fromBase64(public_key), Asymmetric, true, [
+        "wrapKey",
+        "encrypt",
+    ]);
+}
+
+/**
+ * Load a private key
+ *
+ * @param {String} private_key
+ * @param {CryptoKey} key
+ * @param {String} iv
+ * @returns the private key as CryptoKey
+ */
+async function load_private_key(private_key, key, iv) {
+    return await CryptoAPI.unwrapKey(
+        "pkcs8",
+        fromBase64(private_key),
+        key,
+        {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+        Asymmetric,
+        true,
+        ["unwrapKey", "decrypt"]
+    );
+}
+
+/**
+ * Export a public key in spki format
+ *
+ * @param {CryptoKey} public_key
+ * @returns the public key as string
+ */
+async function export_public_key(public_key) {
+    return toBase64(await CryptoAPI.exportKey("spki", public_key));
+}
+
+/**
+ * Export a private key in pkcs8 format
+ *
+ * @param {String} private_key
+ * @param {CryptoKey} key
+ * @param {String} iv
+ * @returns the public key as CryptoKey
+ */
+async function export_private_key(private_key, key, iv) {
+    return toBase64(
+        await CryptoAPI.wrapKey("pkcs8", private_key, key, {
+            name: SymmetricName,
+            iv: iv,
+            tagLength: 128,
+        })
+    );
+}
+
+/**
+ * Wrap the master key with the own public key
+ *
+ * @param {CryptoKey} key
+ * @param {CryptoKey} public_key
+ * @returns wrapped master key
+ */
+async function wrap(key, public_key) {
+    return toBase64(await CryptoAPI.wrapKey("raw", key, public_key, Asymmetric));
+}
+
+/**
+ * Unwrap the master key with the own private key
+ *
+ * @param {CryptoKey} key
+ * @param {CryptoKey} private_key
+ * @returns unwrapped master key
+ */
+async function unwrap(key, private_key) {
+    return await CryptoAPI.unwrapKey(
+        "raw",
+        fromBase64(key),
+        private_key,
+        Asymmetric,
+        Symmetric,
+        true,
+        ["encrypt", "decrypt"]
+    );
+}
+
+/**
+ * Capitalize each word of the string
+ *
+ * @param {String} s
+ * @returns capitalized string
+ */
+function capitalize(s) {
+    return s.toLowerCase().replace(/\b\w/g, function (c) {
+        return c.toUpperCase();
+    });
+}
+
+export default {
+    // Constants
+    Asymmetric: Asymmetric,
+    AsymmetricName: AsymmetricName,
+    Hash: Hash,
+    HashLength: HashLength,
+    IVLength: IVLength,
+    SaltLength: SaltLength,
+    Symmetric: Symmetric,
+    SymmetricName: SymmetricName,
+
+    // Crypto utility functions
+    askpass: askpass,
+    asym_decrypt: asym_decrypt,
+    asym_encrypt: asym_encrypt,
+    derive_key: derive_key,
+    digest: digest,
+    export_private_key: export_private_key,
+    export_public_key: export_public_key,
+    generate_bytes: generate_bytes,
+    generate_iv_base64: generate_iv_base64,
+    generate_key: generate_key,
+    generate_key_pair: generate_key_pair,
+    generate_pass: generate_pass,
+    generate_secret: generate_secret,
+    load_private_key: load_private_key,
+    load_public_key: load_public_key,
+    sym_decrypt: sym_decrypt,
+    sym_encrypt: sym_encrypt,
+    unwrap: unwrap,
+    wrap: wrap,
+
+    // Utility functions
+    capitalize: capitalize,
+    fromBase64: fromBase64,
+    fromBinary: fromBinary,
+    toBase64: toBase64,
+    toBinary: toBinary,
+
+    supported: supported,
+};
diff --git a/vault/static/src/frontend/inbox.esm.js b/vault/static/src/frontend/inbox.esm.js
new file mode 100644
index 0000000000..a7b2363a72
--- /dev/null
+++ b/vault/static/src/frontend/inbox.esm.js
@@ -0,0 +1,83 @@
+/** @odoo-modules alias=vault.inbox **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import utils from "vault.utils";
+
+const data = {};
+let key = false;
+let iv = false;
+
+const fields = [
+    "key",
+    "iv",
+    "public",
+    "encrypted",
+    "secret",
+    "encrypted_file",
+    "filename",
+    "secret_file",
+    "submit",
+];
+
+function toggle_required(element, value) {
+    if (value) element.setAttribute("required", "required");
+    else element.removeAttribute("required");
+}
+
+// Encrypt the value and store it in the right input field
+async function encrypt_and_store(value, target) {
+    if (!utils.supported()) return false;
+
+    // Find all the possible elements which are needed
+    for (const id of fields) if (!data[id]) data[id] = document.getElementById(id);
+
+    // We expect a public key here otherwise we can't procceed
+    if (!data.public.value) return;
+
+    const public_key = await utils.load_public_key(data.public.value);
+
+    // Create a new key if not already present
+    if (!key) {
+        key = await utils.generate_key();
+        data.key.value = await utils.wrap(key, public_key);
+    }
+
+    // Create a new IV if not already present
+    if (!iv) {
+        iv = utils.generate_iv_base64();
+        data.iv.value = iv;
+    }
+
+    // Encrypt the value symmetrically and store it in the field
+    const val = await utils.sym_encrypt(key, value, iv);
+    data[target].value = val;
+    return Boolean(val);
+}
+
+document.getElementById("secret").onchange = async function () {
+    if (!utils.supported()) return false;
+
+    if (!this.value) return;
+
+    const required = await encrypt_and_store(this.value, "encrypted");
+    toggle_required(data.secret, required);
+    toggle_required(data.secret_file, !required);
+    data.submit.removeAttribute("disabled");
+};
+
+document.getElementById("secret_file").onchange = async function () {
+    if (!utils.supported()) return false;
+
+    if (!this.files.length) return;
+
+    const file = this.files[0];
+    const value = await file.text();
+    if (!value) return;
+
+    const required = await encrypt_and_store(value, "encrypted_file");
+    toggle_required(data.secret, !required);
+    toggle_required(data.secret_file, required);
+    data.filename.value = file.name;
+    data.submit.removeAttribute("disabled");
+};
diff --git a/vault/static/src/js/user_menu.js b/vault/static/src/js/user_menu.js
deleted file mode 100644
index 8228685bb0..0000000000
--- a/vault/static/src/js/user_menu.js
+++ /dev/null
@@ -1,26 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.UserMenu", function (require) {
-    "use strict";
-
-    var UserMenu = require("web.UserMenu");
-
-    UserMenu.include({
-        _onMenuKeys: function () {
-            var self = this;
-            var session = this.getSession();
-            this.trigger_up("clear_uncommitted_changes", {
-                callback: function () {
-                    self._rpc({
-                        model: "res.users",
-                        method: "action_get_vault",
-                    }).then(function (result) {
-                        result.res_id = session.uid;
-                        self.do_action(result);
-                    });
-                },
-            });
-        },
-    });
-});
diff --git a/vault/static/src/js/vault.js b/vault/static/src/js/vault.js
deleted file mode 100644
index 9bac482838..0000000000
--- a/vault/static/src/js/vault.js
+++ /dev/null
@@ -1,433 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault", function (require) {
-    "use strict";
-
-    require("web.dom_ready");
-    var ajax = require("web.ajax");
-    var core = require("web.core");
-    var mixins = require("web.mixins");
-    var session = require("web.session");
-    var utils = require("vault.utils");
-
-    var _t = core._t;
-
-    // Database name on the browser
-    const Database = "vault";
-
-    const indexedDB =
-        window.indexedDB ||
-        window.mozIndexedDB ||
-        window.webkitIndexedDB ||
-        window.msIndexedDB ||
-        window.shimIndexedDB;
-
-    // Expiration time of the vault store entries
-    const Expiration = 15 * 60 * 1000;
-
-    /**
-     * Ask the user to enter a password using a dialog and put the password together
-     *
-     * @param {Boolean} confirm
-     * @returns password
-     */
-    async function askpassword(confirm = false) {
-        const askpass = await utils.askpass(
-            _t("Please enter the password for your private key"),
-            {confirm: confirm}
-        );
-
-        let password = askpass.password || "";
-        if (askpass.keyfile)
-            password += await utils.digest(utils.toBinary(askpass.keyfile));
-
-        return password;
-    }
-
-    // Vault implementation
-    var Vault = core.Class.extend(mixins.EventDispatcherMixin, {
-        /**
-         * Check if the user actually has keys otherwise generate them on init
-         *
-         * @override
-         */
-        init: function () {
-            mixins.EventDispatcherMixin.init.call(this, arguments);
-            var self = this;
-
-            function waitAndCheck() {
-                if (!utils.supported()) return null;
-
-                if (odoo.isReady) self._initialize_keys();
-                else setTimeout(waitAndCheck, 500);
-            }
-
-            setTimeout(waitAndCheck, 500);
-        },
-
-        /**
-         * RPC call to the backend
-         *
-         * @param {String} url
-         * @param {Object} params
-         * @param {Object} options
-         * @returns promise
-         */
-        rpc: function (url, params, options) {
-            return ajax.jsonRpc(url, "call", params, _.clone(options || {}));
-        },
-
-        /**
-         * Generate a new key pair and export to database and object store
-         */
-        generate_keys: async function () {
-            this.keys = await utils.generate_key_pair();
-            this.time = new Date();
-
-            if (!(await this._export_to_database()))
-                throw Error(_t("Failed to export the keys to the database"));
-
-            await this._export_to_store();
-        },
-
-        /**
-         * Check if export to database is required due to key migration
-         *
-         * @private
-         */
-        _check_key_migration: async function (password = null) {
-            if (!this.version) await this._export_to_database(password);
-        },
-
-        /**
-         * Lazy initialization of the keys which is not fully loading the keys
-         * into the javascript but ensures that keys exist in the database to
-         * to be loaded
-         *
-         * @private
-         */
-        _initialize_keys: async function () {
-            // Get the uuid of the currently active keys from the database
-            this.uuid = await this._check_database();
-            if (this.uuid) {
-                // If the object store has the keys it's done
-                if (await this._import_from_store()) return;
-
-                // Otherwise an import from the database and export to the object store
-                // is needed
-                if (await this._import_from_database()) {
-                    await this._export_to_store();
-                    return true;
-                }
-
-                // This should be silent because it would influence the entire workflow
-                console.error("Failed to import the keys from the database");
-                return false;
-            }
-
-            // There are no keys in the database which means we have to generate them
-            return await this.generate_keys();
-        },
-
-        /**
-         * Ensure that the keys are available
-         *
-         * @private
-         */
-        _ensure_keys: async function () {
-            // Check if the keys expired
-            const now = new Date();
-            if (now - this.time <= Expiration) return;
-
-            // Keys expired means that we have to get them again
-            this.keys = this.time = null;
-
-            // Clear the object store first
-            const store = await this._get_object_store();
-            store.clear();
-
-            // Import the keys from the database
-            if (!(await this._import_from_database()))
-                throw Error(_t("Failed to import keys from database"));
-
-            // Store the imported keys in the object store for the next calls
-            if (!(await this._export_to_store()))
-                throw Error(_t("Failed to export keys to object store"));
-
-            return;
-        },
-
-        /**
-         * Get the private key and check if the keys expired
-         *
-         * @returns the private key of the user
-         */
-        get_private_key: async function () {
-            await this._ensure_keys();
-            return this.keys.privateKey;
-        },
-
-        /**
-         * Get the public key and check if the keys expired
-         *
-         * @returns the public key of the user
-         */
-        get_public_key: async function () {
-            await this._ensure_keys();
-            return this.keys.publicKey;
-        },
-
-        /**
-         * Open the indexed DB and return object store using promise
-         *
-         * @private
-         * @returns a promise
-         */
-        _get_object_store: function () {
-            return new Promise((resolve, reject) => {
-                var open = indexedDB.open(Database, 1);
-                open.onupgradeneeded = function () {
-                    var db = open.result;
-                    db.createObjectStore(Database, {keyPath: "id"});
-                };
-
-                open.onerror = function (event) {
-                    reject(`error opening database ${event.target.errorCode}`);
-                };
-
-                open.onsuccess = function () {
-                    var db = open.result;
-                    var tx = db.transaction(Database, "readwrite");
-
-                    resolve(tx.objectStore(Database));
-
-                    tx.oncomplete = function () {
-                        db.close();
-                    };
-                };
-            });
-        },
-
-        /**
-         * Open the object store and extract the keys using the id
-         *
-         * @private
-         * @param {String} uuid
-         * @returns the result from the object store or false
-         */
-        _get_keys: async function (uuid) {
-            var self = this;
-            return new Promise((resolve, reject) => {
-                self._get_object_store().then((store) => {
-                    const request = store.get(uuid);
-                    request.onerror = function (event) {
-                        reject(`error opening database ${event.target.errorCode}`);
-                    };
-                    request.onsuccess = function () {
-                        resolve(request.result);
-                    };
-                });
-            });
-        },
-
-        /**
-         * Check if the keys exist in the database
-         *
-         * @returns the uuid of the currently active keys or false
-         */
-        _check_database: async function () {
-            const params = await this.rpc("/vault/keys/get");
-            if (Object.keys(params).length && params.uuid) return params.uuid;
-            return false;
-        },
-
-        /**
-         * Check if the keys exist in the store
-         *
-         * @private
-         * @param {String} uuid
-         * @returns if the keys are in the object store
-         */
-        _check_store: async function (uuid) {
-            if (!uuid) return false;
-
-            const result = await this._get_keys(uuid);
-            return Boolean(result && result.keys);
-        },
-
-        /**
-         * Import the keys from the indexed DB
-         *
-         * @private
-         * @returns if the import from the object store succeeded
-         */
-        _import_from_store: async function () {
-            const data = await this._get_keys(this.uuid);
-            if (data) {
-                this.keys = data.keys;
-                this.time = data.time;
-                return true;
-            }
-            return false;
-        },
-
-        /**
-         * Export the current keys to the indexed DB
-         *
-         * @private
-         * @returns true
-         */
-        _export_to_store: async function () {
-            const keys = {id: this.uuid, keys: this.keys, time: this.time};
-            const store = await this._get_object_store();
-            store.put(keys);
-            return true;
-        },
-
-        /**
-         * Export the key pairs to the backends
-         *
-         * @private
-         * @returns if the export to the database succeeded
-         */
-        _export_to_database: async function (password = null) {
-            // Generate salt for the user key
-            this.salt = utils.generate_bytes(utils.SaltLength).buffer;
-            this.iterations = 4000;
-            this.version = 1;
-
-            // Wrap the private key with the master key of the user
-            this.iv = utils.generate_bytes(utils.IVLength);
-
-            // Request the password from the user and derive the user key
-            const pass = await utils.derive_key(
-                password || (await askpassword(true)),
-                this.salt,
-                this.iterations
-            );
-
-            // Export the private key wrapped with the master key
-            const private_key = await utils.export_private_key(
-                await this.get_private_key(),
-                pass,
-                this.iv
-            );
-
-            // Export the public key
-            const public_key = await utils.export_public_key(
-                await this.get_public_key()
-            );
-
-            const params = {
-                public: public_key,
-                private: private_key,
-                iv: utils.toBase64(this.iv),
-                iterations: this.iterations,
-                salt: utils.toBase64(this.salt),
-                version: this.version,
-            };
-
-            // Export to the server
-            const response = await this.rpc("/vault/keys/store", params);
-            if (response) {
-                this.uuid = response;
-                return true;
-            }
-
-            console.error("Failed to export keys to database");
-            return false;
-        },
-
-        /**
-         * Import the keys from the backend and decrypt the private key
-         *
-         * @private
-         * @returns if the import succeeded
-         */
-        _import_from_database: async function () {
-            const params = await this.rpc("/vault/keys/get");
-            if (Object.keys(params).length) {
-                this.salt = utils.fromBase64(params.salt);
-                this.iterations = params.iterations;
-                this.version = params.version || 0;
-
-                // Request the password from the user and derive the user key
-                const raw_password = await askpassword(false);
-                let password = raw_password;
-
-                // Compatibility
-                if (!this.version) password = session.username + "|" + password;
-
-                const pass = await utils.derive_key(
-                    password,
-                    this.salt,
-                    this.iterations
-                );
-
-                this.keys = {
-                    publicKey: await utils.load_public_key(params.public),
-                    privateKey: await utils.load_private_key(
-                        params.private,
-                        pass,
-                        params.iv
-                    ),
-                };
-
-                this.time = new Date();
-                this.uuid = params.uuid;
-
-                this._check_key_migration(raw_password);
-                return true;
-            }
-            return false;
-        },
-
-        /**
-         * Wrap the master key with the own public key
-         *
-         * @param {CryptoKey} master_key
-         * @returns wrapped master key
-         */
-        wrap: async function (master_key) {
-            return await utils.wrap(master_key, await this.get_public_key());
-        },
-
-        /**
-         * Wrap the master key with a public key given as string
-         *
-         * @param {CryptoKey} master_key
-         * @param {String} public_key
-         * @returns wrapped master key
-         */
-        wrap_with: async function (master_key, public_key) {
-            const pub_key = await utils.load_public_key(public_key);
-            return await utils.wrap(master_key, pub_key);
-        },
-
-        /**
-         * Unwrap the master key with the own private key
-         *
-         * @param {CryptoKey} master_key
-         * @returns unwrapped master key
-         */
-        unwrap: async function (master_key) {
-            return await utils.unwrap(master_key, await this.get_private_key());
-        },
-
-        /**
-         * Share a wrapped master key by unwrapping with own private key and wrapping with
-         * another key
-         *
-         * @param {String} master_key
-         * @param {String} public_key
-         * @returns wrapped master key
-         */
-        share: async function (master_key, public_key) {
-            const key = await this.unwrap(master_key);
-            return await this.wrap_with(key, public_key);
-        },
-    });
-
-    return new Vault();
-});
diff --git a/vault/static/src/js/vault_export.js b/vault/static/src/js/vault_export.js
deleted file mode 100644
index d74e2a6e31..0000000000
--- a/vault/static/src/js/vault_export.js
+++ /dev/null
@@ -1,136 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.export", function (require) {
-    "use strict";
-
-    var core = require("web.core");
-    var mixins = require("web.mixins");
-    var utils = require("vault.utils");
-
-    var _t = core._t;
-
-    // This class handles the export to different formats by using a standardize
-    // JSON formatted data generated by the python backend.
-    //
-    // JSON format description:
-    //
-    // Entries are represented as objects with the following attributes
-    //  `name`, `uuid`, `url`, `note`
-    //     Specific fields of the entry. `uuid` is used for updating existing records
-    //  `childs`
-    //     Child entries
-    //  `fields`, `files`
-    //     List of encypted fields/files with `name`, `iv`, and `value`
-    //
-    var VaultExporter = core.Class.extend(mixins.EventDispatcherMixin, {
-        /**
-         * Encrypt a field of the above format properly for the backend to store.
-         * The changes are done inplace.
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} node
-         */
-        _export_json_entry: async function (master_key, node) {
-            const fields = [];
-            for (const field of node.fields || [])
-                fields.push({
-                    name: field.name,
-                    value: await utils.sym_decrypt(master_key, field.value, field.iv),
-                });
-
-            const files = [];
-            for (const file of node.files || [])
-                files.push({
-                    name: file.name,
-                    value: await utils.sym_decrypt(master_key, file.value, file.iv),
-                });
-
-            const childs = [];
-            for (const entry of node.childs || [])
-                childs.push(await this._export_json_entry(master_key, entry));
-
-            return {
-                name: node.name || "",
-                uuid: node.uuid || null,
-                url: node.url || "",
-                note: node.note || "",
-                childs: childs,
-                fields: fields,
-                files: files,
-            };
-        },
-
-        /**
-         * Decrypt the data fro the JSON export.
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} data
-         * @returns the encrypted entry for the database
-         */
-        _export_json_data: async function (master_key, data) {
-            const result = [];
-            for (const node of data)
-                result.push(await this._export_json_entry(master_key, node));
-            return JSON.stringify(result);
-        },
-
-        /**
-         * Export using JSON format. The database is stored in the `data` field of the JSON
-         * type and is an encrypted JSON object. For the encryption the needed encryption
-         * parameter `iv`, `salt` and `iterations` are stored in the file.
-         * This will add `iv` to fields and files and encrypt the `value`
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} data
-         * @returns the encrypted entry for the database
-         */
-        _export_json: async function (master_key, data) {
-            // Get the password for the exported file from the user
-            const askpass = await utils.askpass(
-                _t("Please enter the password for the database")
-            );
-            let password = askpass.password || "";
-            if (askpass.keyfile)
-                password += await utils.digest(utils.toBinary(askpass.keyfile));
-
-            const iv = utils.generate_iv_base64();
-            const salt = utils.generate_bytes(utils.SaltLength).buffer;
-            const iterations = 4000;
-            const key = await utils.derive_key(password, salt, iterations);
-
-            // Unwrap the master key and decrypt the entries
-            const content = await this._export_json_data(master_key, JSON.parse(data));
-            return {
-                type: "encrypted",
-                iv: iv,
-                salt: utils.toBase64(salt),
-                data: await utils.sym_encrypt(key, content, iv),
-                iterations: iterations,
-            };
-        },
-
-        /**
-         * The main export functions which checks the file ending and calls the right function
-         * to handle the rest of the export
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} filename
-         * @param {String} content
-         * @returns the data importable by the backend or false on error
-         */
-        export: async function (master_key, filename, content) {
-            if (!utils.supported()) return false;
-
-            if (filename.endsWith(".json"))
-                return await this._export_json(master_key, content);
-            return false;
-        },
-    });
-
-    return VaultExporter;
-});
diff --git a/vault/static/src/js/vault_import.js b/vault/static/src/js/vault_import.js
deleted file mode 100644
index 29b5ae1aba..0000000000
--- a/vault/static/src/js/vault_import.js
+++ /dev/null
@@ -1,261 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-/* global kdbxweb */
-
-odoo.define("vault.import", function (require) {
-    "use strict";
-
-    var core = require("web.core");
-    var framework = require("web.framework");
-    var mixins = require("web.mixins");
-    var utils = require("vault.utils");
-
-    var _t = core._t;
-
-    async function encrypted_field(master_key, name, value) {
-        if (!value) return null;
-
-        const iv = utils.generate_iv_base64();
-        return {
-            name: name,
-            iv: iv,
-            value: await utils.sym_encrypt(master_key, value, iv),
-        };
-    }
-
-    // This class handles the import from different formats by returning
-    // an importable JSON formatted data which will be handled by the python
-    // backend.
-    //
-    // JSON format description:
-    //
-    // Entries are represented as objects with the following attributes
-    //  `name`, `uuid`, `url`, `note`
-    //     Specific fields of the entry. `uuid` is used for updating existing records
-    //  `childs`
-    //     Child entries
-    //  `fields`, `files`
-    //     List of encypted fields/files with `name`, `iv`, and `value`
-    //
-    var VaultImporter = core.Class.extend(mixins.EventDispatcherMixin, {
-        /**
-         * Encrypt a field of the above format properly for the backend to store.
-         * The changes are done inplace.
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} node
-         */
-        _import_json_entry: async function (master_key, node) {
-            for (const field of node.fields || []) {
-                field.iv = utils.generate_iv_base64();
-                field.value = await utils.sym_encrypt(
-                    master_key,
-                    field.value,
-                    field.iv
-                );
-            }
-
-            for (const file of node.files || []) {
-                file.iv = utils.generate_iv_base64();
-                file.value = await utils.sym_encrypt(master_key, file.value, file.iv);
-            }
-
-            for (const entry of node.childs || [])
-                await this._import_json_entry(master_key, entry);
-        },
-
-        /**
-         * Encrypt the data from the JSON import. This will add `iv` to fields and files
-         * and encrypt the `value`
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} data
-         * @returns the encrypted entry for the database
-         */
-        _import_json_data: async function (master_key, data) {
-            for (const node of data) await this._import_json_entry(master_key, node);
-            return data;
-        },
-
-        /**
-         * Load from an encrypted JSON file. Encrypt the data with similar format as
-         * described above. This will add `iv` to fields and files and encrypt the `value`
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} content
-         * @returns the encrypted entry for the database
-         */
-        _import_encrypted_json: async function (master_key, content) {
-            const askpass = await utils.askpass(
-                _t("Please enter the password for the database")
-            );
-            let password = askpass.password || "";
-            if (askpass.keyfile)
-                password += await utils.digest(utils.toBinary(askpass.keyfile));
-
-            const key = await utils.derive_key(
-                password,
-                utils.fromBase64(content.salt),
-                content.iterations
-            );
-            const result = await utils.sym_decrypt(key, content.data, content.iv);
-            return await this._import_json_data(master_key, JSON.parse(result));
-        },
-
-        /**
-         * Import using JSON format. The database is stored in the `data` field of the JSON
-         * type and is either a JSON object or an encrypted JSON object. For the encryption
-         * the needed encryption parameter `iv`, `salt` and `iterations` are stored in the
-         * file. This will add `iv` to fields and files and encrypt the `value`
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} data
-         * @returns the encrypted entry for the database
-         */
-        _import_json: async function (master_key, data) {
-            // Unwrap the master key and encrypt the entries
-            const result = JSON.parse(data);
-            switch (result.type) {
-                case "encrypted":
-                    return await this._import_encrypted_json(master_key, result);
-                case "raw":
-                    return await this._import_json_data(master_key, result.data);
-            }
-
-            throw Error(_t("Unsupported file to import"));
-        },
-
-        /**
-         * Encrypt an entry from the kdbx file properly for the backend to store
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} entry
-         * @returns the encrypted entry for the database
-         */
-        _import_kdbx_entry: async function (master_key, entry) {
-            let pass = entry.fields.Password;
-            if (pass) pass = pass.getText();
-
-            const res = {
-                uuid: entry.uuid && entry.uuid.id,
-                note: entry.fields.Notes,
-                name: entry.fields.Title,
-                url: entry.fields.URL,
-                fields: [
-                    await encrypted_field(
-                        master_key,
-                        "Username",
-                        entry.fields.UserName
-                    ),
-                    await encrypted_field(master_key, "Password", pass),
-                ],
-                files: [],
-            };
-
-            for (const name in entry.binaries)
-                res.files.push(
-                    await encrypted_field(
-                        master_key,
-                        name,
-                        utils.toBase64(entry.binaries[name].value)
-                    )
-                );
-
-            return res;
-        },
-
-        /**
-         * Handle a kdbx group entry by creating an sub-entry and calling the right functions
-         * on the childs
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {Object} group
-         * @returns the encrypted entry for the database
-         */
-        _import_kdbx_group: async function (master_key, group) {
-            const res = {
-                uuid: group.uuid && group.uuid.id,
-                name: group.name,
-                note: group.notes,
-                childs: [],
-            };
-
-            for (const sub_group of group.groups || [])
-                res.childs.push(await this._import_kdbx_group(master_key, sub_group));
-
-            for (const entry of group.entries || [])
-                res.childs.push(await this._import_kdbx_entry(master_key, entry));
-
-            return res;
-        },
-
-        /**
-         * Load a kdbx file, encrypt the data, and return in the described JSON format
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} data
-         * @returns the encrypted data for the backend
-         */
-        _import_kdbx: async function (master_key, data) {
-            // Get the credentials of the keepass database
-            const askpass = await utils.askpass(
-                _t("Please enter the password for the keepass database")
-            );
-
-            // TODO: challenge-response
-            const credentials = new kdbxweb.Credentials(
-                (askpass.password &&
-                    kdbxweb.ProtectedValue.fromString(askpass.password)) ||
-                    null,
-                askpass.keyfile || null
-            );
-
-            // Convert the data to an ArrayBuffer
-            const buffer = utils.fromBinary(data);
-
-            // Decrypt the database
-            const db = await kdbxweb.Kdbx.load(buffer, credentials);
-
-            try {
-                // Unwrap the master key, format, and encrypt the database
-                framework.blockUI();
-                const result = [];
-                for (const group of db.groups)
-                    result.push(await this._import_kdbx_group(master_key, group));
-                return result;
-            } finally {
-                framework.unblockUI();
-            }
-        },
-
-        /**
-         * The main import functions which checks the file ending and calls the right function
-         * to handle the rest of the import
-         *
-         * @private
-         * @param {CryptoKey} master_key
-         * @param {String} filename
-         * @param {String} content
-         * @returns the data importable by the backend or false on error
-         */
-        import: async function (master_key, filename, content) {
-            if (!utils.supported()) return false;
-
-            if (filename.endsWith(".json"))
-                return await this._import_json(master_key, content);
-            else if (filename.endsWith(".kdbx"))
-                return await this._import_kdbx(master_key, content);
-            return false;
-        },
-    });
-
-    return VaultImporter;
-});
diff --git a/vault/static/src/js/vault_inbox.js b/vault/static/src/js/vault_inbox.js
deleted file mode 100644
index 5f4e757812..0000000000
--- a/vault/static/src/js/vault_inbox.js
+++ /dev/null
@@ -1,87 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.inbox", function (require) {
-    "use strict";
-
-    require("web.dom_ready");
-    var utils = require("vault.utils");
-
-    var data = {};
-    var key = false;
-    var iv = false;
-
-    const fields = [
-        "key",
-        "iv",
-        "public",
-        "encrypted",
-        "secret",
-        "encrypted_file",
-        "filename",
-        "secret_file",
-        "submit",
-    ];
-
-    function toggle_required(element, value) {
-        if (value) element.setAttribute("required", "required");
-        else element.removeAttribute("required");
-    }
-
-    // Encrypt the value and store it in the right input field
-    async function encrypt_and_store(value, target) {
-        if (!utils.supported()) return false;
-
-        // Find all the possible elements which are needed
-        for (const id of fields) if (!data[id]) data[id] = document.getElementById(id);
-
-        // We expect a public key here otherwise we can't procceed
-        if (!data.public.value) return;
-
-        const public_key = await utils.load_public_key(data.public.value);
-
-        // Create a new key if not already present
-        if (!key) {
-            key = await utils.generate_key();
-            data.key.value = await utils.wrap(key, public_key);
-        }
-
-        // Create a new IV if not already present
-        if (!iv) {
-            iv = utils.generate_iv_base64();
-            data.iv.value = iv;
-        }
-
-        // Encrypt the value symmetrically and store it in the field
-        const val = await utils.sym_encrypt(key, value, iv);
-        data[target].value = val;
-        return Boolean(val);
-    }
-
-    document.getElementById("secret").onchange = async function () {
-        if (!utils.supported()) return false;
-
-        if (!this.value) return;
-
-        const required = await encrypt_and_store(this.value, "encrypted");
-        toggle_required(data.secret, required);
-        toggle_required(data.secret_file, !required);
-        data.submit.removeAttribute("disabled");
-    };
-
-    document.getElementById("secret_file").onchange = async function () {
-        if (!utils.supported()) return false;
-
-        if (!this.files.length) return;
-
-        const file = this.files[0];
-        const value = await file.text();
-        if (!value) return;
-
-        const required = await encrypt_and_store(value, "encrypted_file");
-        toggle_required(data.secret, !required);
-        toggle_required(data.secret_file, required);
-        data.filename.value = file.name;
-        data.submit.removeAttribute("disabled");
-    };
-});
diff --git a/vault/static/src/js/vault_utils.js b/vault/static/src/js/vault_utils.js
deleted file mode 100644
index e88fc38c64..0000000000
--- a/vault/static/src/js/vault_utils.js
+++ /dev/null
@@ -1,586 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.utils", function (require) {
-    "use strict";
-
-    var core = require("web.core");
-    var Dialog = require("web.Dialog");
-
-    var _t = core._t;
-    var qweb = core.qweb;
-
-    const CryptoAPI = window.crypto.subtle;
-
-    // Some basic constants used for the entire vaults
-    const AsymmetricName = "RSA-OAEP";
-    const Hash = "SHA-512";
-    const SymmetricName = "AES-GCM";
-
-    const HashLength = 10;
-    const IVLength = 12;
-    const SaltLength = 32;
-
-    const Asymmetric = {
-        name: AsymmetricName,
-        modulusLength: 4096,
-        publicExponent: new Uint8Array([1, 0, 1]),
-        hash: Hash,
-    };
-    const Symmetric = {
-        name: SymmetricName,
-        length: 256,
-    };
-
-    /**
-     * Checks if the CryptoAPI is available and the vault feature supported
-     *
-     * @returns if vault is supported
-     */
-    function supported() {
-        return Boolean(CryptoAPI);
-    }
-
-    /**
-     * Converts an ArrayBuffer to an ASCII string
-     *
-     * @param {ArrayBuffer} buffer
-     * @returns the data converted to a string
-     */
-    function toBinary(buffer) {
-        if (!buffer) return "";
-
-        const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
-            return String.fromCharCode(b);
-        });
-        return chars.join("");
-    }
-
-    /**
-     * Converts an ASCII string to an ArrayBuffer
-     *
-     * @param {String} binary
-     * @returns the data converted to an ArrayBuffer
-     */
-    function fromBinary(binary) {
-        const len = binary.length;
-        const bytes = new Uint8Array(len);
-        for (let i = 0; i < len; i++) bytes[i] = binary.charCodeAt(i);
-        return bytes.buffer;
-    }
-
-    /**
-     * Converts an ArrayBuffer to a Base64 encoded string
-     *
-     * @param {ArrayBuffer} buffer
-     * @returns Base64 string
-     */
-    function toBase64(buffer) {
-        if (!buffer) return "";
-
-        const chars = Array.from(new Uint8Array(buffer)).map(function (b) {
-            return String.fromCharCode(b);
-        });
-        return btoa(chars.join(""));
-    }
-
-    /**
-     * Converts an Base64 encoded string to an ArrayBuffer
-     *
-     * @param {String} base64
-     * @returns the data converted to an ArrayBuffer
-     */
-    function fromBase64(base64) {
-        if (!base64) {
-            const bytes = new Uint8Array(0);
-            return bytes.buffer;
-        }
-
-        const binary_string = atob(base64);
-        const len = binary_string.length;
-        const bytes = new Uint8Array(len);
-        for (let i = 0; i < len; i++) bytes[i] = binary_string.charCodeAt(i);
-        return bytes.buffer;
-    }
-
-    /**
-     * Generate random bytes used for salts or IVs
-     *
-     * @param {int} length
-     * @returns an array with length random bytes
-     */
-    function generate_bytes(length) {
-        const buf = new Uint8Array(length);
-        window.crypto.getRandomValues(buf);
-        return buf;
-    }
-
-    /**
-     * Generate random bytes used for salts or IVs encoded as base64
-     *
-     * @returns base64 string
-     */
-    function generate_iv_base64() {
-        return toBase64(generate_bytes(IVLength));
-    }
-
-    /**
-     * Generate a random secret with specific characters
-     *
-     * @param {int} length
-     * @param {String} characters
-     * @returns base64 string
-     */
-    function generate_secret(length, characters) {
-        let result = "";
-        const len = characters.length;
-        for (const k of generate_bytes(length))
-            result += characters[Math.floor((len * k) / 256)];
-        return result;
-    }
-
-    /**
-     * Generate a symmetric key for encrypting and decrypting
-     *
-     * @returns symmetric key
-     */
-    async function generate_key() {
-        return await CryptoAPI.generateKey(Symmetric, true, ["encrypt", "decrypt"]);
-    }
-
-    /**
-     * Generate an asymmetric key pair for encrypting, decrypting, wrapping and unwrapping
-     *
-     * @returns asymmetric key
-     */
-    async function generate_key_pair() {
-        return await CryptoAPI.generateKey(Asymmetric, true, [
-            "wrapKey",
-            "unwrapKey",
-            "decrypt",
-            "encrypt",
-        ]);
-    }
-
-    /**
-     * Generate a hash of the given data
-     *
-     * @param {String} data
-     * @returns base64 encoded hash of the data
-     */
-    async function digest(data) {
-        const encoder = new TextEncoder();
-        return toBase64(await CryptoAPI.digest(Hash, encoder.encode(data)));
-    }
-
-    /**
-     * Ask the user to enter a password using a dialog
-     *
-     * @param {String} title of the dialog
-     * @param {Object} options
-     * @returns promise
-     */
-    function askpass(title, options = {}) {
-        var self = this;
-
-        if (options.password === undefined) options.password = true;
-        if (options.keyfile === undefined) options.keyfile = true;
-
-        return new Promise((resolve, reject) => {
-            var dialog = new Dialog(self, {
-                title: title,
-                $content: $(qweb.render("vault.askpass", options)),
-                buttons: [
-                    {
-                        text: _t("Enter"),
-                        classes: "btn-primary",
-                        click: async function () {
-                            const password = this.$("#password").val();
-                            const keyfile = this.$("#keyfile")[0].files[0];
-
-                            if (!password && !keyfile) {
-                                Dialog.alert(this, _t("Missing password"));
-                                return;
-                            }
-
-                            if (options.confirm) {
-                                const confirm = this.$("#confirm").val();
-
-                                if (confirm !== password) {
-                                    Dialog.alert(
-                                        this,
-                                        _t("The passwords aren't matching")
-                                    );
-                                    return;
-                                }
-                            }
-
-                            dialog.close();
-
-                            let keyfile_content = null;
-                            if (keyfile)
-                                keyfile_content = fromBinary(await keyfile.text());
-
-                            resolve({
-                                password: password,
-                                keyfile: keyfile_content,
-                            });
-                        },
-                    },
-                    {
-                        text: _t("Cancel"),
-                        click: function () {
-                            dialog.close();
-                            reject(_t("Cancelled"));
-                        },
-                    },
-                ],
-            });
-
-            dialog.open();
-        });
-    }
-
-    /**
-     * Ask the user to enter a password using a dialog
-     *
-     * @param {String} title of the dialog
-     * @param {Object} options
-     * @returns promise
-     */
-    function generate_pass(title, options = {}) {
-        var self = this;
-
-        const $content = $(qweb.render("vault.generate_pass", options));
-        const $password = $content.find("#password")[0];
-        const $length = $content.find("#length")[0];
-        const $big = $content.find("#big_letter")[0];
-        const $small = $content.find("#small_letter")[0];
-        const $digits = $content.find("#digits")[0];
-        const $special = $content.find("#special")[0];
-        var password = null;
-
-        function gen_pass() {
-            let characters = "";
-            if ($big.checked) characters += "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
-            if ($small.checked) characters += "abcdefghijklmnopqrstuvwxyz";
-            if ($digits.checked) characters += "0123456789";
-            if ($special.checked) characters += "!?$%&/()[]{}|<>,;.:-_#+*\\";
-
-            if (characters)
-                $password.innerHTML = password = generate_secret(
-                    $length.value,
-                    characters
-                );
-        }
-
-        $length.onchange = $big.onchange = $small.onchange = $digits.onchange = $special.onchange = gen_pass;
-
-        gen_pass();
-
-        return new Promise((resolve, reject) => {
-            var dialog = new Dialog(self, {
-                title: title,
-                $content: $content,
-                buttons: [
-                    {
-                        text: _t("Enter"),
-                        classes: "btn-primary",
-                        click: async function () {
-                            if (!password) throw new Error(_t("Missing password"));
-
-                            dialog.close();
-                            resolve(password);
-                        },
-                    },
-                    {
-                        text: _t("Cancel"),
-                        click: function () {
-                            dialog.close();
-                            reject(_t("Cancelled"));
-                        },
-                    },
-                ],
-            });
-
-            dialog.open();
-        });
-    }
-
-    /**
-     * Derive a key using the given data, salt and iterations using PBKDF2
-     *
-     * @param {String} data
-     * @param {String} salt
-     * @param {int} iterations
-     * @returns the derived key
-     */
-    async function derive_key(data, salt, iterations) {
-        const enc = new TextEncoder();
-        const material = await CryptoAPI.importKey(
-            "raw",
-            enc.encode(data),
-            "PBKDF2",
-            false,
-            ["deriveBits", "deriveKey"]
-        );
-
-        return await CryptoAPI.deriveKey(
-            {
-                name: "PBKDF2",
-                salt: salt,
-                iterations: iterations,
-                hash: Hash,
-            },
-            material,
-            Symmetric,
-            false,
-            ["wrapKey", "unwrapKey", "encrypt", "decrypt"]
-        );
-    }
-
-    /**
-     * Encrypt the data using a public key
-     *
-     * @param {CryptoKey} public_key
-     * @param {String} data
-     * @returns the encrypted data
-     */
-    async function asym_encrypt(public_key, data) {
-        if (!data) return data;
-
-        const enc = new TextEncoder();
-        return toBase64(
-            await CryptoAPI.encrypt(
-                {name: AsymmetricName},
-                public_key,
-                enc.encode(data)
-            )
-        );
-    }
-
-    /**
-     * Decrypt the data using the own private key
-     *
-     * @param {CryptoKey} private_key
-     * @param {String} crypted
-     * @returns the decrypted data
-     */
-    async function asym_decrypt(private_key, crypted) {
-        if (!crypted) return crypted;
-
-        const dec = new TextDecoder();
-        return dec.decode(
-            await CryptoAPI.decrypt(
-                {name: AsymmetricName},
-                private_key,
-                fromBase64(crypted)
-            )
-        );
-    }
-
-    /**
-     * Symmetrically encrypt the data using a master key
-     *
-     * @param {CryptoKey} key
-     * @param {String} data
-     * @param {String} iv
-     * @returns the encrypted data
-     */
-    async function sym_encrypt(key, data, iv) {
-        if (!data) return data;
-
-        const hash = await digest(data);
-        const enc = new TextEncoder();
-        return toBase64(
-            await CryptoAPI.encrypt(
-                {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
-                key,
-                enc.encode(hash.slice(0, HashLength) + data)
-            )
-        );
-    }
-
-    /**
-     * Symmetrically decrypt the data using a master key
-     *
-     * @param {CryptoKey} key
-     * @param {String} crypted
-     * @param {String} iv
-     * @returns the decrypted data
-     */
-    async function sym_decrypt(key, crypted, iv) {
-        if (!crypted) return crypted;
-
-        try {
-            const dec = new TextDecoder();
-            const message = dec.decode(
-                await CryptoAPI.decrypt(
-                    {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
-                    key,
-                    fromBase64(crypted)
-                )
-            );
-
-            const data = message.slice(HashLength);
-            const hash = await digest(data);
-            // Compare the hash and return if integer
-            if (hash.slice(0, HashLength) === message.slice(0, HashLength)) return data;
-
-            console.error("Invalid data hash");
-            // Wrong hash
-            return null;
-        } catch (err) {
-            console.error(err);
-            return null;
-        }
-    }
-
-    /**
-     * Load a public key
-     *
-     * @param {String} public_key
-     * @returns the public key as CryptoKey
-     */
-    async function load_public_key(public_key) {
-        return await CryptoAPI.importKey(
-            "spki",
-            fromBase64(public_key),
-            Asymmetric,
-            true,
-            ["wrapKey", "encrypt"]
-        );
-    }
-
-    /**
-     * Load a private key
-     *
-     * @param {String} private_key
-     * @param {CryptoKey} key
-     * @param {String} iv
-     * @returns the private key as CryptoKey
-     */
-    async function load_private_key(private_key, key, iv) {
-        return await CryptoAPI.unwrapKey(
-            "pkcs8",
-            fromBase64(private_key),
-            key,
-            {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
-            Asymmetric,
-            true,
-            ["unwrapKey", "decrypt"]
-        );
-    }
-
-    /**
-     * Export a public key in spki format
-     *
-     * @param {CryptoKey} public_key
-     * @returns the public key as string
-     */
-    async function export_public_key(public_key) {
-        return toBase64(await CryptoAPI.exportKey("spki", public_key));
-    }
-
-    /**
-     * Export a private key in pkcs8 format
-     *
-     * @param {String} private_key
-     * @param {CryptoKey} key
-     * @param {String} iv
-     * @returns the public key as CryptoKey
-     */
-    async function export_private_key(private_key, key, iv) {
-        return toBase64(
-            await CryptoAPI.wrapKey("pkcs8", private_key, key, {
-                name: SymmetricName,
-                iv: iv,
-                tagLength: 128,
-            })
-        );
-    }
-
-    /**
-     * Wrap the master key with the own public key
-     *
-     * @param {CryptoKey} key
-     * @param {CryptoKey} public_key
-     * @returns wrapped master key
-     */
-    async function wrap(key, public_key) {
-        return toBase64(await CryptoAPI.wrapKey("raw", key, public_key, Asymmetric));
-    }
-
-    /**
-     * Unwrap the master key with the own private key
-     *
-     * @param {CryptoKey} key
-     * @param {CryptoKey} private_key
-     * @returns unwrapped master key
-     */
-    async function unwrap(key, private_key) {
-        return await CryptoAPI.unwrapKey(
-            "raw",
-            fromBase64(key),
-            private_key,
-            Asymmetric,
-            Symmetric,
-            true,
-            ["encrypt", "decrypt"]
-        );
-    }
-
-    /**
-     * Capitalize each word of the string
-     *
-     * @param {String} s
-     * @returns capitalized string
-     */
-    function capitalize(s) {
-        return s.toLowerCase().replace(/\b\w/g, function (c) {
-            return c.toUpperCase();
-        });
-    }
-
-    return {
-        // Constants
-        Asymmetric: Asymmetric,
-        AsymmetricName: AsymmetricName,
-        Hash: Hash,
-        HashLength: HashLength,
-        IVLength: IVLength,
-        SaltLength: SaltLength,
-        Symmetric: Symmetric,
-        SymmetricName: SymmetricName,
-
-        // Crypto utility functions
-        askpass: askpass,
-        asym_decrypt: asym_decrypt,
-        asym_encrypt: asym_encrypt,
-        derive_key: derive_key,
-        digest: digest,
-        export_private_key: export_private_key,
-        export_public_key: export_public_key,
-        generate_bytes: generate_bytes,
-        generate_iv_base64: generate_iv_base64,
-        generate_key: generate_key,
-        generate_key_pair: generate_key_pair,
-        generate_pass: generate_pass,
-        generate_secret: generate_secret,
-        load_private_key: load_private_key,
-        load_public_key: load_public_key,
-        sym_decrypt: sym_decrypt,
-        sym_encrypt: sym_encrypt,
-        unwrap: unwrap,
-        wrap: wrap,
-
-        // Utility functions
-        capitalize: capitalize,
-        fromBase64: fromBase64,
-        fromBinary: fromBinary,
-        toBase64: toBase64,
-        toBinary: toBinary,
-
-        supported: supported,
-    };
-});
diff --git a/vault/static/src/js/vault_controller.js b/vault/static/src/legacy/vault_controller.js
similarity index 99%
rename from vault/static/src/js/vault_controller.js
rename to vault/static/src/legacy/vault_controller.js
index 9be7ba098c..99d2fdc403 100644
--- a/vault/static/src/js/vault_controller.js
+++ b/vault/static/src/legacy/vault_controller.js
@@ -291,6 +291,8 @@ odoo.define("vault.controller", function (require) {
             if (changes.right_ids && changes.right_ids.operation === "DELETE") {
                 const self = this;
 
+                if (this._vault_changes) return;
+
                 Dialog.confirm(
                     self,
                     _t(
diff --git a/vault/static/src/js/vault_widget.js b/vault/static/src/legacy/vault_widget.js
similarity index 95%
rename from vault/static/src/js/vault_widget.js
rename to vault/static/src/legacy/vault_widget.js
index 011e57373e..c7478e6fa5 100644
--- a/vault/static/src/js/vault_widget.js
+++ b/vault/static/src/legacy/vault_widget.js
@@ -4,18 +4,18 @@
 odoo.define("vault.fields", function (require) {
     "use strict";
 
-    var core = require("web.core");
-    var basic_fields = require("web.basic_fields");
-    var download = require("web.download");
-    var Exporter = require("vault.export");
-    var registry = require("web.field_registry");
-    var utils = require("vault.utils");
-    var vault = require("vault");
-
-    var _t = core._t;
-    var QWeb = core.qweb;
-
-    var VaultAbstract = {
+    const core = require("web.core");
+    const basic_fields = require("web.basic_fields");
+    const download = require("web.download");
+    const Exporter = require("vault.export");
+    const registry = require("web.field_registry");
+    const utils = require("vault.utils");
+    const vault = require("vault");
+
+    const _t = core._t;
+    const QWeb = core.qweb;
+
+    const VaultAbstract = {
         supported: function () {
             return utils.supported();
         },
@@ -211,7 +211,7 @@ odoo.define("vault.fields", function (require) {
     };
 
     // Basic field widget of the vault
-    var VaultField = basic_fields.InputField.extend(VaultAbstract, {
+    const VaultField = basic_fields.InputField.extend(VaultAbstract, {
         supportedFieldTypes: ["char"],
         tagName: "div",
         events: _.extend({}, basic_fields.InputField.prototype.events, {
@@ -324,7 +324,7 @@ odoo.define("vault.fields", function (require) {
     });
 
     // Widget used for using encrypted files
-    var VaultFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
+    const VaultFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
         className: "o_vault",
 
         /**
@@ -368,7 +368,7 @@ odoo.define("vault.fields", function (require) {
     });
 
     // Widget used for using export
-    var VaultExportFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
+    const VaultExportFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
         className: "o_vault",
         events: _.extend({}, basic_fields.AbstractFieldBinary.prototype.events, {
             click: function (event) {
@@ -439,7 +439,7 @@ odoo.define("vault.fields", function (require) {
         },
     });
 
-    var VaultInboxField = VaultField.extend({
+    const VaultInboxField = VaultField.extend({
         store_model: "vault.field",
         events: _.extend({}, VaultField.prototype.events, {
             "click .o_vault_show": "_onShowValue",
@@ -491,7 +491,7 @@ odoo.define("vault.fields", function (require) {
     });
 
     // Widget used to view shared incoming secrets encrypted with public keys
-    var VaultInboxFile = VaultFile.extend({
+    const VaultInboxFile = VaultFile.extend({
         store_model: "vault.file",
         template: "FileVaultInbox",
         events: _.extend({}, VaultFile.prototype.events, {
diff --git a/vault/static/tests/vault_tests.js b/vault/static/tests/vault_tests.js
index 02a2d5f5b2..e73de4beb6 100644
--- a/vault/static/tests/vault_tests.js
+++ b/vault/static/tests/vault_tests.js
@@ -1,7 +1,7 @@
 // © 2021 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-/* global ArrayBuffer, QUnit, Uint8Array */
+/* global QUnit */
 
 odoo.define("vault.tests", function (require) {
     "use strict";
diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
index 145004a2aa..1d853ecea7 100644
--- a/vault/tests/test_controller.py
+++ b/vault/tests/test_controller.py
@@ -2,17 +2,18 @@
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import logging
-from unittest.mock import MagicMock, patch
+from unittest.mock import MagicMock
 
 from odoo.tests import TransactionCase
 from odoo.tools import mute_logger
 
+from odoo.addons.website.tools import MockRequest
+
 from ..controllers import main
 
 _logger = logging.getLogger(__name__)
 
 
-@patch("odoo.addons.vault.controllers.main.request")
 class TestController(TransactionCase):
     def setUp(self):
         super().setUp()
@@ -47,146 +48,144 @@ def setUp(self):
             }
         )
 
-        patcher = patch("odoo.http.request")
-        self.addCleanup(patcher.stop)
-        patcher.start()
-
-    @mute_logger("odoo.addons.vault.controllers.main")
     @mute_logger("odoo.sql_db")
-    def test_vault_inbox(self, request_mock):
+    def test_vault_inbox(self):
         def return_context(template, context):
             self.assertEqual(template, "vault.inbox")
             return context
 
-        request_mock.env = self.env
-        request_mock.render.side_effect = return_context
-        response = self.controller.vault_inbox("")
-        self.assertIn("error", response)
-
-        response = self.controller.vault_inbox(self.user.inbox_token)
-        self.assertNotIn("error", response)
-        self.assertEqual(response["public"], self.user.active_key.public)
-
-        # Try to eliminate each error step by step
-        request_mock.httprequest.method = "POST"
-        request_mock.params = {}
-        response = self.controller.vault_inbox(self.user.inbox_token)
-        self.assertIn("error", response)
-
-        request_mock.params["name"] = "test"
-        response = self.controller.vault_inbox(self.user.inbox_token)
-        self.assertIn("error", response)
-
-        request_mock.params.update({"encrypted": "secret", "encrypted_file": "file"})
-        response = self.controller.vault_inbox(self.user.inbox_token)
-        self.assertIn("error", response)
-
-        request_mock.params["filename"] = "filename"
-        response = self.controller.vault_inbox(self.user.inbox_token)
-        self.assertIn("error", response)
-
-        self.assertEqual(self.inbox.secret, "old secret")
-        self.assertEqual(self.inbox.secret_file, b"old file")
-
-        # Store something successfully
-        request_mock.params.update({"iv": "iv", "key": "key"})
-        response = self.controller.vault_inbox(self.inbox.token)
-        self.assertNotIn("error", response)
-        self.assertEqual(self.inbox.secret, "secret")
-        self.assertEqual(self.inbox.secret_file, b"file")
-
-        # Test a duplicate inbox
-        self.inbox.copy().token = self.inbox.token
-        response = self.controller.vault_inbox(self.inbox.token)
-        self.assertIn("error", response)
-
-        def raise_error(*args, **kwargs):
-            raise TypeError()
-
-        # Catch internal errors
-        try:
-            request_mock.httprequest.remote_addr = "127.0.0.1"
-            self.env["vault.inbox"]._patch_method("store_in_inbox", raise_error)
+        with MockRequest(self.env) as request_mock:
+            request_mock.render.side_effect = return_context
+            response = self.controller.vault_inbox("")
+            self.assertIn("error", response)
+
+            response = self.controller.vault_inbox(self.user.inbox_token)
+            self.assertNotIn("error", response)
+            self.assertEqual(response["public"], self.user.active_key.public)
+
+            # Try to eliminate each error step by step
+            request_mock.httprequest.method = "POST"
+            request_mock.params = {}
+            response = self.controller.vault_inbox(self.user.inbox_token)
+            self.assertIn("error", response)
+
+            request_mock.params["name"] = "test"
+            response = self.controller.vault_inbox(self.user.inbox_token)
+            self.assertIn("error", response)
+
+            request_mock.params.update(
+                {"encrypted": "secret", "encrypted_file": "file"}
+            )
             response = self.controller.vault_inbox(self.user.inbox_token)
-        finally:
-            self.env["vault.inbox"]._revert_method("store_in_inbox")
+            self.assertIn("error", response)
 
-        self.assertIn("error", response)
+            request_mock.params["filename"] = "filename"
+            response = self.controller.vault_inbox(self.user.inbox_token)
+            self.assertIn("error", response)
+
+            self.assertEqual(self.inbox.secret, "old secret")
+            self.assertEqual(self.inbox.secret_file, b"old file")
+
+            # Store something successfully
+            request_mock.params.update({"iv": "iv", "key": "key"})
+            response = self.controller.vault_inbox(self.inbox.token)
+            self.assertNotIn("error", response)
+            self.assertEqual(self.inbox.secret, "secret")
+            self.assertEqual(self.inbox.secret_file, b"file")
+
+            # Test a duplicate inbox
+            self.inbox.copy().token = self.inbox.token
+            response = self.controller.vault_inbox(self.inbox.token)
+            self.assertIn("error", response)
+
+            def raise_error(*args, **kwargs):
+                raise TypeError()
+
+            # Catch internal errors
+            try:
+                request_mock.httprequest.remote_addr = "127.0.0.1"
+                self.env["vault.inbox"]._patch_method("store_in_inbox", raise_error)
+                response = self.controller.vault_inbox(self.user.inbox_token)
+            finally:
+                self.env["vault.inbox"]._revert_method("store_in_inbox")
+
+            self.assertIn("error", response)
 
     @mute_logger("odoo.sql_db")
-    def test_vault_public(self, request_mock):
-        request_mock.env = self.env
-        no_key = self.env["res.users"].create(
-            {"login": "keyless", "email": "test@test", "name": "test"}
-        )
+    def test_vault_public(self):
+        with MockRequest(self.env):
+            no_key = self.env["res.users"].create(
+                {"login": "keyless", "email": "test@test", "name": "test"}
+            )
 
-        response = self.controller.vault_public(user_id=no_key.id)
-        self.assertEqual(response, {})
+            response = self.controller.vault_public(user_id=no_key.id)
+            self.assertEqual(response, {})
 
-        response = self.controller.vault_public(user_id=self.user.id)
-        self.assertEqual(response["public_key"], self.key.public)
+            response = self.controller.vault_public(user_id=self.user.id)
+            self.assertEqual(response["public_key"], self.key.public)
 
     @mute_logger("odoo.sql_db")
-    def test_vault_store(self, request_mock):
-        request_mock.env = self.env
-        mock = MagicMock()
-        try:
-            self.env["res.users.key"]._patch_method("store", mock)
-            self.controller.vault_store_keys()
-            mock.assert_called_once()
-        finally:
-            self.env["res.users.key"]._revert_method("store")
+    def test_vault_store(
+        self,
+    ):
+        with MockRequest(self.env):
+            mock = MagicMock()
+            try:
+                self.env["res.users.key"]._patch_method("store", mock)
+                self.controller.vault_store_keys()
+                mock.assert_called_once()
+            finally:
+                self.env["res.users.key"]._revert_method("store")
 
     @mute_logger("odoo.sql_db")
-    def test_vault_keys_get(self, request_mock):
-        request_mock.env = self.env
-        mock = MagicMock()
-        try:
-            self.env["res.users"]._patch_method("get_vault_keys", mock)
-            self.controller.vault_get_keys()
-            mock.assert_called_once()
-        finally:
-            self.env["res.users"]._revert_method("get_vault_keys")
+    def test_vault_keys_get(self):
+        with MockRequest(self.env):
+            mock = MagicMock()
+            try:
+                self.env["res.users"]._patch_method("get_vault_keys", mock)
+                self.controller.vault_get_keys()
+                mock.assert_called_once()
+            finally:
+                self.env["res.users"]._revert_method("get_vault_keys")
 
     @mute_logger("odoo.sql_db")
-    def test_vault_right_keys(self, request_mock):
-        request_mock.env = self.env
-        self.assertFalse(self.controller.vault_get_right_keys())
+    def test_vault_right_keys(self):
+        with MockRequest(self.env):
+            self.assertFalse(self.controller.vault_get_right_keys())
 
-        # New vault with user as owner and only right
-        vault = self.env["vault"].create({"name": "Vault"})
+            # New vault with user as owner and only right
+            vault = self.env["vault"].create({"name": "Vault"})
 
-        response = self.controller.vault_get_right_keys()
-        self.assertEqual(response, {vault.uuid: vault.right_ids.key})
+            response = self.controller.vault_get_right_keys()
+            self.assertEqual(response, {vault.uuid: vault.right_ids.key})
 
     @mute_logger("odoo.sql_db")
-    def test_vault_store_right_key(self, request_mock):
-        request_mock.env = self.env
-
-        vault = self.env["vault"].create({"name": "Vault"})
+    def test_vault_store_right_key(self):
+        with MockRequest(self.env):
+            vault = self.env["vault"].create({"name": "Vault"})
 
-        self.controller.vault_store_right_keys(None)
+            self.controller.vault_store_right_keys(None)
 
-        self.controller.vault_store_right_keys({vault.uuid: "new key"})
-        self.assertEqual(vault.right_ids.key, "new key")
+            self.controller.vault_store_right_keys({vault.uuid: "new key"})
+            self.assertEqual(vault.right_ids.key, "new key")
 
     @mute_logger("odoo.sql_db")
-    def test_vault_inbox_keys(self, request_mock):
-        request_mock.env = self.env
-        self.assertFalse(self.controller.vault_get_inbox())
+    def test_vault_inbox_keys(self):
+        with MockRequest(self.env):
+            self.assertFalse(self.controller.vault_get_inbox())
 
-        inbox = self.inbox.copy({"user_id": self.env.uid})
+            inbox = self.inbox.copy({"user_id": self.env.uid})
 
-        response = self.controller.vault_get_inbox()
-        self.assertEqual(response, {inbox.token: inbox.key})
+            response = self.controller.vault_get_inbox()
+            self.assertEqual(response, {inbox.token: inbox.key})
 
     @mute_logger("odoo.sql_db")
-    def test_vault_store_inbox_key(self, request_mock):
-        request_mock.env = self.env
-        inbox = self.inbox.copy({"user_id": self.env.uid})
-        inbox.user_id = self.env.user
+    def test_vault_store_inbox_key(self):
+        with MockRequest(self.env):
+            inbox = self.inbox.copy({"user_id": self.env.uid})
+            inbox.user_id = self.env.user
 
-        self.controller.vault_store_inbox(None)
+            self.controller.vault_store_inbox(None)
 
-        self.controller.vault_store_inbox({inbox.token: "new key"})
-        self.assertEqual(inbox.key, "new key")
+            self.controller.vault_store_inbox({inbox.token: "new key"})
+            self.assertEqual(inbox.key, "new key")
diff --git a/vault/tests/test_rights.py b/vault/tests/test_rights.py
index 0cb0d8f25b..12f83423df 100644
--- a/vault/tests/test_rights.py
+++ b/vault/tests/test_rights.py
@@ -132,12 +132,6 @@ def test_user_share_no_permission(self):
         with self.assertRaises(AccessError):
             right.with_user(self.user).create({"vault_id": self.vault.id, "user_id": 2})
 
-        with self.assertRaises(AccessError):
-            right.with_user(self.user).write({"perm_share": True})
-
-        with self.assertRaises(AccessError):
-            right.with_user(self.user).write({"perm_share": True, "key": "abc"})
-
     def test_user_share_granted(self):
         # Granted permission to share
         right = self.env["vault.right"].create(
diff --git a/vault/views/assets.xml b/vault/views/assets.xml
deleted file mode 100644
index cff9055e31..0000000000
--- a/vault/views/assets.xml
+++ /dev/null
@@ -1,38 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <template id="assets_backend" inherit_id="web.assets_backend">
-        <xpath expr="." position="inside">
-            <script
-                type="text/javascript"
-                src="/vault/static/lib/kdbxweb/kdbxweb.min.js"
-            />
-            <script type="text/javascript" src="/vault/static/src/js/user_menu.js" />
-            <script type="text/javascript" src="/vault/static/src/js/vault.js" />
-            <script
-                type="text/javascript"
-                src="/vault/static/src/js/vault_controller.js"
-            />
-            <script type="text/javascript" src="/vault/static/src/js/vault_export.js" />
-            <script type="text/javascript" src="/vault/static/src/js/vault_import.js" />
-            <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
-            <script type="text/javascript" src="/vault/static/src/js/vault_widget.js" />
-            <link
-                rel="stylesheet"
-                type="text/scss"
-                href="/vault/static/src/scss/vault.scss"
-            />
-        </xpath>
-    </template>
-
-    <template id="tests_assets" inherit_id="web.tests_assets">
-        <xpath expr="." position="inside">
-            <script type="text/javascript" src="/vault/static/tests/vault_tests.js" />
-        </xpath>
-    </template>
-
-    <template id="inbox_frontend">
-        <t t-call-assets="web.assets_common" />
-        <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
-        <script type="text/javascript" src="/vault/static/src/js/vault_inbox.js" />
-    </template>
-</odoo>
diff --git a/vault/views/templates.xml b/vault/views/templates.xml
index 3d22989ec6..2be894810a 100644
--- a/vault/views/templates.xml
+++ b/vault/views/templates.xml
@@ -2,7 +2,7 @@
 <odoo>
     <template id="inbox">
         <t t-call="web.login_layout">
-            <t t-call-assets="vault.inbox_frontend" t-css="false" />
+            <t t-call-assets="vault.assets_frontend" t-css="false" defer_load="True" />
 
             <form
                 class="oe_login_form"
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index 90000a2df8..27d9a108e9 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -165,8 +165,18 @@
                     context="{'group_by': 'vault_id'}"
                 />
                 <searchpanel>
-                    <field name="vault_id" string="Vaults" enable_counters="1" />
-                    <field name="parent_id" string="Entries" enable_counters="1" />
+                    <field
+                        name="vault_id"
+                        string="Vaults"
+                        enable_counters="1"
+                        limit="0"
+                    />
+                    <field
+                        name="parent_id"
+                        string="Entries"
+                        enable_counters="1"
+                        limit="0"
+                    />
                 </searchpanel>
             </search>
         </field>
diff --git a/vault/wizards/vault_store_wizard.py b/vault/wizards/vault_store_wizard.py
index 6bdae37913..9273eb7b6e 100644
--- a/vault/wizards/vault_store_wizard.py
+++ b/vault/wizards/vault_store_wizard.py
@@ -43,5 +43,5 @@ def action_store(self):
                     "value": self.secret,
                 }
             )
-        except Exception:
-            pass
+        except Exception as e:
+            _logger.exception(e)
diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
index da4bd99552..9d3f4e693b 100644
--- a/vault_share/__manifest__.py
+++ b/vault_share/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault - Share",
     "summary": "Implementation of a mechanism to share secrets",
     "license": "AGPL-3",
-    "version": "14.0.1.2.0",
+    "version": "15.0.1.1.0",
     "website": "https://github.com/OCA/server-auth",
     "application": False,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
@@ -15,11 +15,25 @@
         "data/ir_cron.xml",
         "security/ir.model.access.csv",
         "security/ir_rule.xml",
-        "views/assets.xml",
         "views/menuitems.xml",
         "views/res_config_settings_views.xml",
         "views/templates.xml",
         "views/vault_share_views.xml",
     ],
-    "qweb": ["static/src/xml/templates.xml"],
+    "assets": {
+        "web.assets_backend": [
+            "vault_share/static/src/common/**/*.js",
+            "vault_share/static/src/backend/**/*.js",
+            "vault_share/static/src/backend/**/*.scss",
+            "vault_share/static/src/legacy/vault_fields.js",
+            "vault_share/static/src/legacy/vault_share_widget.js",
+        ],
+        "vault_share.assets_frontend": [
+            "vault/static/src/common/*.js",
+            "vault_share/static/src/frontend/*.js",
+        ],
+        "web.assets_qweb": [
+            "vault_share/static/src/backend/**/*.xml",
+        ],
+    },
 }
diff --git a/vault_share/models/vault_share.py b/vault_share/models/vault_share.py
index 9eb337bab2..4b0f119f8a 100644
--- a/vault_share/models/vault_share.py
+++ b/vault_share/models/vault_share.py
@@ -62,8 +62,10 @@ def get(self, token, ip=None):
 
         if datetime.now() < rec.expiration and rec.accesses > 0:
             rec.accesses -= 1
-            log = _("The share was accessed by %s via %s")
-            rec.log_ids = [(0, 0, {"name": log % (self.env.user.name, ip)})]
+            log = _("The share was accessed by %(name)s via %(ip)s")
+            rec.log_ids = [
+                (0, 0, {"name": log % {"name": self.env.user.name, "ip": ip or "n/a"}})
+            ]
             return rec
 
         return None
@@ -71,8 +73,8 @@ def get(self, token, ip=None):
     @api.model
     def create(self, vals):
         rec = super().create(vals)
-        log = _("The share was created by %s")
-        rec.log_ids = [(0, 0, {"name": log % self.env.user.name})]
+        log = _("The share was created by %(name)s")
+        rec.log_ids = [(0, 0, {"name": log % {"name": self.env.user.name}})]
         return rec
 
     @api.model
diff --git a/vault_share/static/src/xml/templates.xml b/vault_share/static/src/backend/templates.xml
similarity index 100%
rename from vault_share/static/src/xml/templates.xml
rename to vault_share/static/src/backend/templates.xml
diff --git a/vault_share/static/src/scss/vault_share.scss b/vault_share/static/src/backend/vault_share.scss
similarity index 100%
rename from vault_share/static/src/scss/vault_share.scss
rename to vault_share/static/src/backend/vault_share.scss
diff --git a/vault_share/static/src/common/utils.esm.js b/vault_share/static/src/common/utils.esm.js
new file mode 100644
index 0000000000..790858a529
--- /dev/null
+++ b/vault_share/static/src/common/utils.esm.js
@@ -0,0 +1,16 @@
+/** @odoo-module alias=vault.share.utils **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+const PinSize = 5;
+
+import utils from "vault.utils";
+
+function generate_pin(pin_size) {
+    return utils.generate_secret(pin_size, "0123456789");
+}
+
+export default {
+    PinSize: PinSize,
+    generate_pin: generate_pin,
+};
diff --git a/vault_share/static/src/frontend/share.esm.js b/vault_share/static/src/frontend/share.esm.js
new file mode 100644
index 0000000000..e0b5748ce0
--- /dev/null
+++ b/vault_share/static/src/frontend/share.esm.js
@@ -0,0 +1,50 @@
+/** @odoo-module **/
+// © 2021-2022 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import utils from "vault.utils";
+
+const data = {};
+
+// Find the elements in the document and check if they have values
+function find_elements() {
+    for (const id of ["encrypted", "salt", "iv", "encrypted_file", "filename"])
+        if (!data[id]) {
+            const element = document.getElementById(id);
+            data[id] = element && element.value;
+        }
+}
+
+document.getElementById("pin").onchange = async function () {
+    if (!utils.supported()) return;
+
+    find_elements();
+
+    // Derive the key from the pin
+    const key = await utils.derive_key(this.value, utils.fromBase64(data.salt), 4000);
+
+    const secret = document.getElementById("secret");
+    const secret_file = document.getElementById("secret_file");
+    if (!secret && !secret_file) return;
+
+    // There is no secret to decrypt
+    if (!this.value) {
+        secret.setAttribute("class", "alert alert-danger col-12");
+        secret_file.setAttribute("class", "alert alert-danger col-12");
+        return;
+    }
+
+    // Decrypt the data and show the value
+    if (data.encrypted) {
+        secret.value = await utils.sym_decrypt(key, data.encrypted, data.iv);
+        secret.setAttribute("class", "alert alert-success col-12");
+    }
+
+    if (data.encrypted_file) {
+        const content = await utils.sym_decrypt(key, data.encrypted_file, data.iv);
+        const file = new File([atob(content)], data.filename);
+        secret_file.text = data.filename;
+        secret_file.setAttribute("href", window.URL.createObjectURL(file));
+        secret_file.setAttribute("class", "alert alert-success col-12");
+    }
+};
diff --git a/vault_share/static/src/js/vault_share.js b/vault_share/static/src/js/vault_share.js
deleted file mode 100644
index 81b8482c9f..0000000000
--- a/vault_share/static/src/js/vault_share.js
+++ /dev/null
@@ -1,58 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.share", function (require) {
-    "use strict";
-
-    require("web.dom_ready");
-
-    var utils = require("vault.utils");
-    var data = {};
-
-    // Find the elements in the document and check if they have values
-    function find_elements() {
-        for (const id of ["encrypted", "salt", "iv", "encrypted_file", "filename"])
-            if (!data[id]) {
-                const element = document.getElementById(id);
-                data[id] = element && element.value;
-            }
-    }
-
-    document.getElementById("pin").onchange = async function () {
-        if (!utils.supported()) return;
-
-        find_elements();
-
-        // Derive the key from the pin
-        const key = await utils.derive_key(
-            this.value,
-            utils.fromBase64(data.salt),
-            4000
-        );
-
-        const secret = document.getElementById("secret");
-        const secret_file = document.getElementById("secret_file");
-        if (!secret && !secret_file) return;
-
-        // There is no secret to decrypt
-        if (!this.value) {
-            secret.setAttribute("class", "alert alert-danger col-12");
-            secret_file.setAttribute("class", "alert alert-danger col-12");
-            return;
-        }
-
-        // Decrypt the data and show the value
-        if (data.encrypted) {
-            secret.value = await utils.sym_decrypt(key, data.encrypted, data.iv);
-            secret.setAttribute("class", "alert alert-success col-12");
-        }
-
-        if (data.encrypted_file) {
-            const content = await utils.sym_decrypt(key, data.encrypted_file, data.iv);
-            const file = new File([atob(content)], data.filename);
-            secret_file.text = data.filename;
-            secret_file.setAttribute("href", window.URL.createObjectURL(file));
-            secret_file.setAttribute("class", "alert alert-success col-12");
-        }
-    };
-});
diff --git a/vault_share/static/src/js/vault_utils.js b/vault_share/static/src/js/vault_utils.js
deleted file mode 100644
index c85a522f3d..0000000000
--- a/vault_share/static/src/js/vault_utils.js
+++ /dev/null
@@ -1,19 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.share.utils", function (require) {
-    "use strict";
-
-    const PinSize = 5;
-
-    var utils = require("vault.utils");
-
-    function generate_pin(pin_size) {
-        return utils.generate_secret(pin_size, "0123456789");
-    }
-
-    return {
-        PinSize: PinSize,
-        generate_pin: generate_pin,
-    };
-});
diff --git a/vault_share/static/src/js/vault_fields.js b/vault_share/static/src/legacy/vault_fields.js
similarity index 87%
rename from vault_share/static/src/js/vault_fields.js
rename to vault_share/static/src/legacy/vault_fields.js
index 13ee282ba7..23c8071051 100644
--- a/vault_share/static/src/js/vault_fields.js
+++ b/vault_share/static/src/legacy/vault_fields.js
@@ -4,13 +4,13 @@
 odoo.define("vault.share.fields", function (require) {
     "use strict";
 
-    var core = require("web.core");
-    var sh_utils = require("vault.share.utils");
-    var utils = require("vault.utils");
-    var vault = require("vault");
-    var vault_fields = require("vault.fields");
+    const core = require("web.core");
+    const sh_utils = require("vault.share.utils");
+    const utils = require("vault.utils");
+    const vault = require("vault");
+    const vault_fields = require("vault.fields");
 
-    var _t = core._t;
+    const _t = core._t;
 
     // Extend the widget to share
     vault_fields.VaultField.include({
diff --git a/vault_share/static/src/js/vault_share_widget.js b/vault_share/static/src/legacy/vault_share_widget.js
similarity index 95%
rename from vault_share/static/src/js/vault_share_widget.js
rename to vault_share/static/src/legacy/vault_share_widget.js
index a897667b52..a985fc06d6 100644
--- a/vault_share/static/src/js/vault_share_widget.js
+++ b/vault_share/static/src/legacy/vault_share_widget.js
@@ -4,18 +4,18 @@
 odoo.define("vault.share.widget", function (require) {
     "use strict";
 
-    var basic_fields = require("web.basic_fields");
-    var core = require("web.core");
-    var registry = require("web.field_registry");
-    var sh_utils = require("vault.share.utils");
-    var utils = require("vault.utils");
-    var vault = require("vault");
-    var vault_fields = require("vault.fields");
+    const basic_fields = require("web.basic_fields");
+    const core = require("web.core");
+    const registry = require("web.field_registry");
+    const sh_utils = require("vault.share.utils");
+    const utils = require("vault.utils");
+    const vault = require("vault");
+    const vault_fields = require("vault.fields");
 
-    var QWeb = core.qweb;
+    const QWeb = core.qweb;
 
     // Widget used to view the encrypted pin
-    var VaultPinField = basic_fields.InputField.extend(vault_fields.VaultAbstract, {
+    const VaultPinField = basic_fields.InputField.extend(vault_fields.VaultAbstract, {
         supportedFieldTypes: ["char"],
         events: _.extend({}, basic_fields.InputField.prototype.events, {
             "click .o_vault_show": "_onShowValue",
@@ -87,7 +87,7 @@ odoo.define("vault.share.widget", function (require) {
     });
 
     // Widget used to create shared outgoing secrets encrypted with a pin
-    var VaultShareField = vault_fields.VaultField.extend({
+    const VaultShareField = vault_fields.VaultField.extend({
         events: _.extend({}, vault_fields.VaultField.prototype.events, {
             "click .o_vault_save": "_onSaveValue",
         }),
@@ -229,7 +229,7 @@ odoo.define("vault.share.widget", function (require) {
     });
 
     // Widget used to view shared incoming secrets encrypted with public keys
-    var VaultShareFile = vault_fields.VaultFile.extend({
+    const VaultShareFile = vault_fields.VaultFile.extend({
         store_model: "vault.file",
         template: "FileVaultShare",
         events: _.extend({}, vault_fields.VaultFile.prototype.events, {
diff --git a/vault_share/tests/test_share.py b/vault_share/tests/test_share.py
index dab6176fbf..bc8ecc4908 100644
--- a/vault_share/tests/test_share.py
+++ b/vault_share/tests/test_share.py
@@ -3,12 +3,13 @@
 
 import logging
 from datetime import datetime
-from unittest.mock import patch
 from uuid import uuid4
 
 from odoo.tests import TransactionCase
 from odoo.tools import mute_logger
 
+from odoo.addons.website.tools import MockRequest
+
 from ..controllers import main
 
 _logger = logging.getLogger(__name__)
@@ -29,10 +30,6 @@ def setUp(self):
 
         self.share = self.env["vault.share"].create(self.vals)
 
-        patcher = patch("odoo.http.request")
-        self.addCleanup(patcher.stop)
-        patcher.start()
-
     @mute_logger("odoo.sql_db")
     def test_share(self):
         self.assertEqual(self.share, self.share.get(self.share.token))
@@ -55,23 +52,22 @@ def test_share(self):
         # Search for invalid token
         self.assertEqual(share.browse(), share.get(uuid4()))
 
-    @patch("odoo.addons.vault_share.controllers.main.request")
     @mute_logger("odoo.sql_db")
-    def test_vault_share(self, request_mock):
+    def test_vault_share(self):
         def return_context(template, context):
             self.assertEqual(template, "vault_share.share")
             return context
 
-        request_mock.env = self.env
-        request_mock.render.side_effect = return_context
-        controller = main.Controller()
+        with MockRequest(self.env) as request_mock:
+            request_mock.render.side_effect = return_context
+            controller = main.Controller()
 
-        response = controller.vault_share("")
-        self.assertIn("error", response)
+            response = controller.vault_share("")
+            self.assertIn("error", response)
 
-        response = controller.vault_share(self.share.token)
-        self.assertEqual(response["salt"], self.share.salt)
+            response = controller.vault_share(self.share.token)
+            self.assertEqual(response["salt"], self.share.salt)
 
-        self.share.accesses = 0
-        response = controller.vault_share(self.share.token)
-        self.assertIn("error", response)
+            self.share.accesses = 0
+            response = controller.vault_share(self.share.token)
+            self.assertIn("error", response)
diff --git a/vault_share/views/assets.xml b/vault_share/views/assets.xml
deleted file mode 100644
index 628e38e8c6..0000000000
--- a/vault_share/views/assets.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <template id="assets_backend" inherit_id="web.assets_backend">
-        <xpath expr="." position="inside">
-            <script
-                type="text/javascript"
-                src="/vault_share/static/src/js/vault_fields.js"
-            />
-            <script
-                type="text/javascript"
-                src="/vault_share/static/src/js/vault_share_widget.js"
-            />
-            <script
-                type="text/javascript"
-                src="/vault_share/static/src/js/vault_utils.js"
-            />
-            <link
-                rel="stylesheet"
-                type="text/scss"
-                href="/vault_share/static/src/scss/vault_share.scss"
-            />
-        </xpath>
-    </template>
-
-    <template id="share_frontend">
-        <t t-call-assets="web.assets_common" />
-        <script type="text/javascript" src="/vault/static/src/js/vault_utils.js" />
-        <script
-            type="text/javascript"
-            src="/vault_share/static/src/js/vault_share.js"
-        />
-    </template>
-</odoo>
diff --git a/vault_share/views/templates.xml b/vault_share/views/templates.xml
index 65aa8a8f6c..7649731e52 100644
--- a/vault_share/views/templates.xml
+++ b/vault_share/views/templates.xml
@@ -2,7 +2,11 @@
 <odoo>
     <template id="share">
         <t t-call="web.login_layout">
-            <t t-call-assets="vault_share.share_frontend" t-css="false" />
+            <t
+                t-call-assets="vault_share.assets_frontend"
+                t-css="false"
+                defer_load="True"
+            />
 
             <input type="hidden" id="encrypted" t-att-value="encrypted" />
             <input type="hidden" id="encrypted_file" t-att-value="encrypted_file" />

From 6b89277c0765167d197adf3a7818c614f0ced961 Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Wed, 11 Jan 2023 17:00:36 +0100
Subject: [PATCH 30/71] vault_share: File is not downloaded when clicking
 sharing link

---
 vault_share/static/src/frontend/share.esm.js | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/vault_share/static/src/frontend/share.esm.js b/vault_share/static/src/frontend/share.esm.js
index e0b5748ce0..af9b28d0b3 100644
--- a/vault_share/static/src/frontend/share.esm.js
+++ b/vault_share/static/src/frontend/share.esm.js
@@ -41,10 +41,16 @@ document.getElementById("pin").onchange = async function () {
     }
 
     if (data.encrypted_file) {
-        const content = await utils.sym_decrypt(key, data.encrypted_file, data.iv);
-        const file = new File([atob(content)], data.filename);
+        const content = atob(
+            await utils.sym_decrypt(key, data.encrypted_file, data.iv)
+        );
+        const buffer = new ArrayBuffer(content.length);
+        const arr = new Uint8Array(buffer);
+        for (let i = 0; i < content.length; i++) arr[i] = content.charCodeAt(i);
+        const file = new Blob([arr]);
         secret_file.text = data.filename;
         secret_file.setAttribute("href", window.URL.createObjectURL(file));
         secret_file.setAttribute("class", "alert alert-success col-12");
+        secret_file.setAttribute("download", data.filename);
     }
 };

From 70aa9d12913be66f4d8576ddb3aa58bdee88c4a2 Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Mon, 20 Mar 2023 08:31:24 +0100
Subject: [PATCH 31/71] vault: vault readonly when it's defined

---
 vault/README.rst                    | 20 +++++++++++++-------
 vault/readme/ROADMAP.rst            |  6 ++++++
 vault/static/description/index.html | 15 +++++++++++----
 vault/views/vault_entry_views.xml   |  7 ++++++-
 4 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 67d1344e60..2dd6403c30 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -14,14 +14,14 @@ Vault
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
-    :target: https://github.com/OCA/server-auth/tree/14.0/vault
+    :target: https://github.com/OCA/server-auth/tree/15.0/vault
     :alt: OCA/server-auth
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault
+    :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault
     :alt: Translate me on Weblate
-.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
-    :target: https://runbot.odoo-community.org/runbot/251/14.0
-    :alt: Try me on Runbot
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/webui/builds.html?repo=OCA/server-auth&target_branch=15.0
+    :alt: Try me on Runboat
 
 |badge1| |badge2| |badge3| |badge4| |badge5| 
 
@@ -50,13 +50,19 @@ Known issues / Roadmap
  * Support challenge-response/FIDO2
  * Support for argon2 and kdbx v4
 
+* When changing an entry from one vault to another existing vault, the values added on
+  this entry cannot be accessed, so the field vault is going to be readonly when it
+  is defined.
+
+  If you want to move entries between vaults you can use the export -> import option.
+
 Bug Tracker
 ===========
 
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us smashing it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -86,6 +92,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/vault>`_ project on GitHub.
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/15.0/vault>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault/readme/ROADMAP.rst b/vault/readme/ROADMAP.rst
index 63124da1f6..738bcd6446 100644
--- a/vault/readme/ROADMAP.rst
+++ b/vault/readme/ROADMAP.rst
@@ -6,3 +6,9 @@
 
  * Support challenge-response/FIDO2
  * Support for argon2 and kdbx v4
+
+* When changing an entry from one vault to another existing vault, the values added on
+  this entry cannot be accessed, so the field vault is going to be readonly when it
+  is defined.
+
+  If you want to move entries between vaults you can use the export -> import option.
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 2a1a8ce5f1..5d014c6a01 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -3,7 +3,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
+<meta name="generator" content="Docutils: http://docutils.sourceforge.net/" />
 <title>Vault</title>
 <style type="text/css">
 
@@ -367,7 +367,7 @@ <h1 class="title">Vault</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runboat.odoo-community.org/webui/builds.html?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
 <p>This modules requires a secure context for the browser to work properly.</p>
@@ -398,13 +398,20 @@ <h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
 <li>Support for argon2 and kdbx v4</li>
 </ul>
 </blockquote>
+<ul>
+<li><p class="first">When changing an entry from one vault to another existing vault, the values added on
+this entry cannot be accessed, so the field vault is going to be readonly when it
+is defined.</p>
+<p>If you want to move entries between vaults you can use the export -&gt; import option.</p>
+</li>
+</ul>
 </div>
 <div class="section" id="bug-tracker">
 <h1><a class="toc-backref" href="#id2">Bug Tracker</a></h1>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us smashing it by providing a detailed and welcomed
-<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>
 <div class="section" id="credits">
@@ -428,7 +435,7 @@ <h2><a class="toc-backref" href="#id6">Maintainers</a></h2>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.</p>
-<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault">OCA/server-auth</a> project on GitHub.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault">OCA/server-auth</a> project on GitHub.</p>
 <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
 </div>
 </div>
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index 27d9a108e9..a5b444a79f 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -48,7 +48,12 @@
 
                     <group>
                         <group>
-                            <field name="vault_id" invisible="1" />
+                            <field
+                                name="vault_id"
+                                invisible="1"
+                                force_save="1"
+                                attrs="{'readonly': [('vault_id', '!=', False)]}"
+                            />
                             <field
                                 name="parent_id"
                                 options="{'no_open': true, 'no_create_edit': true, 'no_quick_create': true}"

From d000d772f454dcb00af3fc02a01dd04a20f764e1 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Thu, 23 Mar 2023 18:03:05 +0000
Subject: [PATCH 32/71] Update vault.pot

---
 vault/i18n/vault.pot | 141 ++++++++++++++++++++++---------------------
 1 file changed, 71 insertions(+), 70 deletions(-)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 3413362249..ba57380862 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -4,7 +4,7 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 14.0\n"
+"Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
 "Last-Translator: \n"
 "Language-Team: \n"
@@ -16,12 +16,12 @@ msgstr ""
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
-msgid "%s entry %s by %s"
+msgid "%(action)s entry %(name)s by %(user)s"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
 msgstr ""
@@ -149,8 +149,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
@@ -161,15 +161,15 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
 msgstr ""
@@ -201,7 +201,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
 msgstr ""
@@ -213,8 +213,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr ""
@@ -244,15 +244,15 @@ msgid "Created by"
 msgstr ""
 
 #. module: vault
-#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: code:addons/vault/models/vault_inbox.py:0
 #, python-format
-msgid "Created by %s"
+msgid "Created by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault
-#: code:addons/vault/models/vault_inbox.py:0
+#: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
-msgid "Created by %s via %s"
+msgid "Created by %s"
 msgstr ""
 
 #. module: vault
@@ -300,12 +300,8 @@ msgid "Delete"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
-#: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
-#: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_entry__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_field__display_name
@@ -324,7 +320,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_controller.js:0
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
 msgstr ""
@@ -336,15 +332,15 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Enter"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
 msgstr ""
@@ -414,21 +410,21 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export keys to object store"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export the keys to the database"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
 msgstr ""
@@ -477,15 +473,15 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
 msgstr ""
@@ -497,19 +493,15 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
-#: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
-#: model:ir.model.fields,field_description:vault.field_vault_abstract__id
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__id
 #: model:ir.model.fields,field_description:vault.field_vault_entry__id
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__id
 #: model:ir.model.fields,field_description:vault.field_vault_field__id
@@ -566,6 +558,7 @@ msgstr ""
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_ids
 #: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
@@ -618,6 +611,11 @@ msgstr ""
 msgid "Invalid token"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "Invalidate private key"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
@@ -649,7 +647,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/user_menu.esm.js:0
 #, python-format
 msgid "Key Management"
 msgstr ""
@@ -661,7 +660,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
 msgstr ""
@@ -672,12 +671,8 @@ msgid "Keys"
 msgstr ""
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
-#: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
-#: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_entry____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_field____last_update
@@ -734,7 +729,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
 msgstr ""
@@ -785,8 +780,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
 msgstr ""
@@ -878,7 +873,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
 msgstr ""
@@ -900,29 +895,29 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_export.js:0
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/export.esm.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the database"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
 msgstr ""
@@ -964,18 +959,18 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Save As..."
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -1011,15 +1006,15 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Send the secret to another user"
 msgstr ""
@@ -1031,8 +1026,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr ""
@@ -1045,7 +1040,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
 msgstr ""
@@ -1062,7 +1057,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Store the secret in a vault"
 msgstr ""
@@ -1094,8 +1089,8 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr ""
@@ -1107,7 +1102,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
 msgstr ""
@@ -1135,7 +1130,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_controller.js:0
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
 msgstr ""
@@ -1147,7 +1142,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
 msgstr ""
@@ -1297,7 +1292,7 @@ msgstr ""
 #. module: vault
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
-msgid "Written by %s via %s"
+msgid "Written by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault
@@ -1313,9 +1308,15 @@ msgid ""
 "                        If an user is not showing please ask him to generate these."
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid ""
+"You will loose access to all vaults and your inbox. Do you want to continue?"
+msgstr ""
+
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"
 msgstr ""

From 88327927096eb1496c4d4d5babfd47cfb7210db9 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Thu, 23 Mar 2023 18:03:11 +0000
Subject: [PATCH 33/71] Update vault_share.pot

---
 vault_share/i18n/vault_share.pot | 26 ++++++++++----------------
 1 file changed, 10 insertions(+), 16 deletions(-)

diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
index 8fd3ff71c6..9556dfab0d 100644
--- a/vault_share/i18n/vault_share.pot
+++ b/vault_share/i18n/vault_share.pot
@@ -4,7 +4,7 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 14.0\n"
+"Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
 "Last-Translator: \n"
 "Language-Team: \n"
@@ -70,8 +70,6 @@ msgid ""
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__display_name
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
 msgid "Display Name"
@@ -93,8 +91,6 @@ msgid "Filename"
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__id
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
 msgid "ID"
@@ -112,8 +108,6 @@ msgid "Iv"
 msgstr ""
 
 #. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company____last_update
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
 msgid "Last Modified on"
@@ -161,10 +155,10 @@ msgstr ""
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -191,15 +185,15 @@ msgstr ""
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/js/vault_fields.js:0
+#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
 #, python-format
 msgid "Share the secret"
 msgstr ""
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/xml/templates.xml:0
-#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
 msgstr ""
@@ -244,13 +238,13 @@ msgstr ""
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
-msgid "The share was accessed by %s via %s"
+msgid "The share was accessed by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
-msgid "The share was created by %s"
+msgid "The share was created by %(name)s"
 msgstr ""
 
 #. module: vault_share

From 2eb73c897e79f334349024ec2d96176c8c0c08cd Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 23 Mar 2023 18:06:38 +0000
Subject: [PATCH 34/71] README.rst

---
 vault/README.rst                          |  6 +++---
 vault/static/description/index.html       |  4 ++--
 vault_share/README.rst                    | 10 +++++-----
 vault_share/static/description/index.html |  6 +++---
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 2dd6403c30..62a89242d3 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -19,9 +19,9 @@ Vault
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
     :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault
     :alt: Translate me on Weblate
-.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
-    :target: https://runboat.odoo-community.org/webui/builds.html?repo=OCA/server-auth&target_branch=15.0
-    :alt: Try me on Runboat
+.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
+    :target: https://runbot.odoo-community.org/runbot/251/15.0
+    :alt: Try me on Runbot
 
 |badge1| |badge2| |badge3| |badge4| |badge5| 
 
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 5d014c6a01..6ca3dc7fde 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -3,7 +3,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="generator" content="Docutils: http://docutils.sourceforge.net/" />
+<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
 <title>Vault</title>
 <style type="text/css">
 
@@ -367,7 +367,7 @@ <h1 class="title">Vault</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runboat.odoo-community.org/webui/builds.html?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/15.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
 <p>This modules requires a secure context for the browser to work properly.</p>
diff --git a/vault_share/README.rst b/vault_share/README.rst
index 79c29aa762..499ee5f481 100644
--- a/vault_share/README.rst
+++ b/vault_share/README.rst
@@ -14,13 +14,13 @@ Vault - Share
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
-    :target: https://github.com/OCA/server-auth/tree/14.0/vault_share
+    :target: https://github.com/OCA/server-auth/tree/15.0/vault_share
     :alt: OCA/server-auth
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault_share
+    :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share
     :alt: Translate me on Weblate
 .. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
-    :target: https://runbot.odoo-community.org/runbot/251/14.0
+    :target: https://runbot.odoo-community.org/runbot/251/15.0
     :alt: Try me on Runbot
 
 |badge1| |badge2| |badge3| |badge4| |badge5| 
@@ -43,7 +43,7 @@ Bug Tracker
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us smashing it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -73,6 +73,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/vault_share>`_ project on GitHub.
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/15.0/vault_share>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault_share/static/description/index.html b/vault_share/static/description/index.html
index 915b781b46..4b080257b0 100644
--- a/vault_share/static/description/index.html
+++ b/vault_share/static/description/index.html
@@ -367,7 +367,7 @@ <h1 class="title">Vault - Share</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/14.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/15.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
 <p>This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.</p>
 <div class="section" id="share">
 <h1>Share</h1>
@@ -379,7 +379,7 @@ <h1>Bug Tracker</h1>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us smashing it by providing a detailed and welcomed
-<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>
 <div class="section" id="credits">
@@ -403,7 +403,7 @@ <h2>Maintainers</h2>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.</p>
-<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/vault_share">OCA/server-auth</a> project on GitHub.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault_share">OCA/server-auth</a> project on GitHub.</p>
 <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
 </div>
 </div>

From 7f187bd8a080bf107f3fc2d786f147e7beea05f4 Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Thu, 23 Mar 2023 20:10:47 +0000
Subject: [PATCH 35/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/
---
 vault/i18n/es.po | 119 ++++++++++++++++++++++++-----------------------
 1 file changed, 60 insertions(+), 59 deletions(-)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index 9cf7547f6e..6b8eef361d 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -20,12 +20,12 @@ msgstr ""
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
-msgid "%s entry %s by %s"
-msgstr "%s registrado %s por %s"
+msgid "%(action)s entry %(name)s by %(user)s"
+msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
 msgstr "A-Z"
@@ -155,7 +155,7 @@ msgstr "Por vault"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
@@ -166,14 +166,14 @@ msgstr "Cancelar"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
 msgstr "Cancelado"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
 msgstr "Caracteres:"
@@ -205,7 +205,7 @@ msgstr "Opciones de Configuración"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
 msgstr "Confirma tu contraseña:"
@@ -217,7 +217,7 @@ msgstr "Contenido"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr "Copiar al portapapeles"
@@ -247,16 +247,16 @@ msgid "Created by"
 msgstr "Creado por"
 
 #. module: vault
-#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: code:addons/vault/models/vault_inbox.py:0
 #, python-format
-msgid "Created by %s"
-msgstr "Creado por %s"
+msgid "Created by %(name)s via %(ip)s"
+msgstr ""
 
 #. module: vault
-#: code:addons/vault/models/vault_inbox.py:0
+#: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
-msgid "Created by %s via %s"
-msgstr "Creado por %s via %s"
+msgid "Created by %s"
+msgstr "Creado por %s"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
@@ -303,12 +303,8 @@ msgid "Delete"
 msgstr "Borrar"
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__display_name
-#: model:ir.model.fields,field_description:vault.field_res_users__display_name
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
 #: model:ir.model.fields,field_description:vault.field_vault__display_name
-#: model:ir.model.fields,field_description:vault.field_vault_abstract__display_name
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_entry__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_field__display_name
@@ -327,7 +323,7 @@ msgstr "Nombre a mostrar"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_controller.js:0
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
 msgstr "¿Realmente quieres crear un nuevo par de claves y activarlo?"
@@ -339,14 +335,14 @@ msgstr "Descargar"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Enter"
 msgstr "Ingrese a"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
 msgstr "Ingresa tu contraseña:"
@@ -416,21 +412,21 @@ msgstr "Asistente de exportación para vaults"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export keys to object store"
 msgstr "Fallo en la exportación de claves al almacén de objetos"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export the keys to the database"
 msgstr "Fallo en la exportación de claves a la base de datos"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
 msgstr "Fallo en la importación de claves desde la base de datos"
@@ -479,14 +475,14 @@ msgstr "Huella digital"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr "Generar"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
 msgstr "Generar nuevo secreto:"
@@ -498,18 +494,14 @@ msgstr "Agrupado"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr "Ocultar"
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings__id
-#: model:ir.model.fields,field_description:vault.field_res_users__id
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
 #: model:ir.model.fields,field_description:vault.field_vault__id
-#: model:ir.model.fields,field_description:vault.field_vault_abstract__id
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__id
 #: model:ir.model.fields,field_description:vault.field_vault_entry__id
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__id
 #: model:ir.model.fields,field_description:vault.field_vault_field__id
@@ -656,7 +648,8 @@ msgstr "Clave"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/user_menu.esm.js:0
 #, python-format
 msgid "Key Management"
 msgstr "Gestión de claves"
@@ -668,7 +661,7 @@ msgstr "Clave de usuario"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
 msgstr "Archivo de llaves:"
@@ -679,12 +672,8 @@ msgid "Keys"
 msgstr "Claves"
 
 #. module: vault
-#: model:ir.model.fields,field_description:vault.field_res_config_settings____last_update
-#: model:ir.model.fields,field_description:vault.field_res_users____last_update
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
 #: model:ir.model.fields,field_description:vault.field_vault____last_update
-#: model:ir.model.fields,field_description:vault.field_vault_abstract____last_update
-#: model:ir.model.fields,field_description:vault.field_vault_abstract_field____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_entry____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_field____last_update
@@ -741,7 +730,7 @@ msgstr "Última actualización en"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
 msgstr "Longitud:"
@@ -792,7 +781,7 @@ msgstr "Falta el nombre del fichero"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
 msgstr "Falta la contraseña"
@@ -884,7 +873,7 @@ msgstr "Registro padre"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
 msgstr "Contraseña:"
@@ -906,29 +895,29 @@ msgstr "Usuario permanente"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_export.js:0
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/export.esm.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the database"
 msgstr "Por favor, introduzca la contraseña de la base de datos"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
 msgstr "Por favor, introduzca la contraseña de la base de datos keepass"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault.js:0
+#: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
 msgstr "Por favor, introduzca la contraseña de su clave privada"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
 msgstr "Por favor, introduzca su contraseña o cargue un archivo de claves:"
@@ -970,14 +959,14 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Save As..."
 msgstr "Guardar como..."
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Guardar en un vault"
@@ -1013,14 +1002,14 @@ msgstr "Enviar"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr "Enviar secreto a un usuario"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Send the secret to another user"
 msgstr "Enviar secreto a otro usuario"
@@ -1032,7 +1021,7 @@ msgstr "Compartir"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr "Mostrar"
@@ -1045,7 +1034,7 @@ msgstr "Algo ha ido mal en el encriptado"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
 msgstr "Especial"
@@ -1062,7 +1051,7 @@ msgstr "Tienda"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Store the secret in a vault"
 msgstr "Guarda el secreto en un vault"
@@ -1094,7 +1083,7 @@ msgstr "El UUID debe ser único."
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr "El campo está vacío, ¡no hay nada que guardar!"
@@ -1106,7 +1095,7 @@ msgstr "Los archivos deben terminar en uno de los tipos de archivo admitidos:"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_utils.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
 msgstr "Las contraseñas no coinciden"
@@ -1136,7 +1125,7 @@ msgstr "El usuario debe ser único"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_controller.js:0
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
 msgstr "Esto volverá a encriptar todo en el vault. ¿Quieres proceder?"
@@ -1148,7 +1137,7 @@ msgstr "Token"
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/js/vault_import.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
 msgstr "Archivo no compatible para importar"
@@ -1301,8 +1290,8 @@ msgstr "Escribir"
 #. module: vault
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
-msgid "Written by %s via %s"
-msgstr "Escrito por %s via %s"
+msgid "Written by %(name)s via %(ip)s"
+msgstr ""
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
@@ -1330,7 +1319,7 @@ msgstr ""
 
 #. module: vault
 #. openerp-web
-#: code:addons/vault/static/src/xml/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"
 msgstr "a-z"
@@ -1341,3 +1330,15 @@ msgstr "a-z"
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
 msgid "or"
 msgstr "o"
+
+#, python-format
+#~ msgid "%s entry %s by %s"
+#~ msgstr "%s registrado %s por %s"
+
+#, python-format
+#~ msgid "Created by %s via %s"
+#~ msgstr "Creado por %s via %s"
+
+#, python-format
+#~ msgid "Written by %s via %s"
+#~ msgstr "Escrito por %s via %s"

From 77b316235e8b19e1fe7758361a4aac719692688b Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Thu, 23 Mar 2023 20:10:56 +0000
Subject: [PATCH 36/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/
---
 vault_share/i18n/es.po | 34 +++++++++++++++++++++-------------
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/vault_share/i18n/es.po b/vault_share/i18n/es.po
index 752e01d09a..ff6d234ebd 100644
--- a/vault_share/i18n/es.po
+++ b/vault_share/i18n/es.po
@@ -8,14 +8,14 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2022-06-06 07:44+0000\n"
 "PO-Revision-Date: 2022-06-06 09:54+0200\n"
+"Last-Translator: \n"
 "Language-Team: \n"
+"Language: es\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 "X-Generator: Poedit 2.3\n"
-"Last-Translator: \n"
-"Language: es\n"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
@@ -161,7 +161,7 @@ msgstr ""
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Guardar en un vault"
@@ -188,14 +188,14 @@ msgstr "Compartir url"
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/js/vault_fields.js:0
+#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
 #, python-format
 msgid "Share the secret"
 msgstr "Compartir el secreto"
 
 #. module: vault_share
 #. openerp-web
-#: code:addons/vault_share/static/src/xml/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
 msgstr "Compartir el secreto con usuario externo"
@@ -220,15 +220,15 @@ msgstr "Recursos comparidos"
 #: model:ir.model.fields,help:vault_share.field_vault_share__expiration
 msgid "Specifies how long a share can be accessed until deletion."
 msgstr ""
-"Especifica el tiempo que se puede acceder a un recurso compartido hasta "
-"su eliminación."
+"Especifica el tiempo que se puede acceder a un recurso compartido hasta su "
+"eliminación."
 
 #. module: vault_share
 #: model:ir.model.fields,help:vault_share.field_vault_share__accesses
 msgid "Specifies how often a share can be accessed before deletion."
 msgstr ""
-"Especifica la frecuencia con la que se puede acceder a un recurso "
-"compartido antes de eliminarlo."
+"Especifica la frecuencia con la que se puede acceder a un recurso compartido "
+"antes de eliminarlo."
 
 #. module: vault_share
 #: model:ir.model.fields,help:vault_share.field_vault_share__pin
@@ -244,14 +244,14 @@ msgstr "El secreto ha expirado"
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
-msgid "The share was accessed by %s via %s"
-msgstr "El recurso compartido fue accedido por %s a través de %s"
+msgid "The share was accessed by %(name)s via %(ip)s"
+msgstr ""
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
-msgid "The share was created by %s"
-msgstr "El recurso compartido fue creado por %s"
+msgid "The share was created by %(name)s"
+msgstr ""
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__token
@@ -286,3 +286,11 @@ msgstr ""
 #, python-format
 msgid "Vault share outgoing secrets"
 msgstr ""
+
+#, python-format
+#~ msgid "The share was accessed by %s via %s"
+#~ msgstr "El recurso compartido fue accedido por %s a través de %s"
+
+#, python-format
+#~ msgid "The share was created by %s"
+#~ msgstr "El recurso compartido fue creado por %s"

From c9d460b895a10c72d0b3b13b534dbcdd5d5b38a7 Mon Sep 17 00:00:00 2001
From: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>
Date: Fri, 5 May 2023 10:05:15 +0000
Subject: [PATCH 37/71] Added translation using Weblate (Dutch)

---
 vault/i18n/nl.po | 1330 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1330 insertions(+)
 create mode 100644 vault/i18n/nl.po

diff --git a/vault/i18n/nl.po b/vault/i18n/nl.po
new file mode 100644
index 0000000000..8aecb2387a
--- /dev/null
+++ b/vault/i18n/nl.po
@@ -0,0 +1,1330 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 15.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: Automatically generated\n"
+"Language-Team: none\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%(action)s entry %(name)s by %(user)s"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "A-Z"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault_field.py:0
+#: model:ir.model,name:vault.model_vault_abstract_field
+#, python-format
+msgid "Abstract model to implement basic fields for encryption"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#: model:ir.model,name:vault.model_vault_abstract
+#, python-format
+msgid "Abstract model to implement general access rights"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__accesses
+msgid "Access counter"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__active_key
+msgid "Active Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_entry
+#: model:ir.ui.menu,name:vault.menu_vault_entry
+msgid "All Entries"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow the usage to share secrets with external users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_create
+msgid "Allow to create in the vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_delete
+msgid "Allow to delete a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_share
+msgid "Allow to share a vault with new users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_right__perm_write
+msgid "Allow to write to the vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_create
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_create
+msgid "Allowed Create"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_delete
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_delete
+msgid "Allowed Delete"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_read
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_read
+msgid "Allowed Read"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_share
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_share
+msgid "Allowed Share"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_entry__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_field__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_file__allowed_write
+#: model:ir.model.fields,field_description:vault.field_vault_right__allowed_write
+msgid "Allowed Write"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "An error occured. Please contact the user or administrator"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By user"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "By vault"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+#, python-format
+msgid "Cancel"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#, python-format
+msgid "Cancelled"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Characters:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__child_ids
+msgid "Child"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Childs"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_export_wizard
+msgid "Close"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+msgid "Complete Name"
+msgstr ""
+
+#. module: vault
+#: model:ir.model,name:vault.model_res_config_settings
+msgid "Config Settings"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Confirm your password:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Content"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Copy to clipboard"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_create
+msgid "Create"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_uid
+msgid "Created by"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Created by %(name)s via %(ip)s"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Created by %s"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
+#: model:ir.model.fields,field_description:vault.field_vault__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__create_date
+msgid "Created on"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__crypted_content
+msgid "Crypted Content"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__current
+msgid "Current"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Custom JSON format <b>.json</b>"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__content
+msgid "Database"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_delete
+msgid "Delete"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
+#: model:ir.model.fields,field_description:vault.field_vault__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_log__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_right__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__display_name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__display_name
+msgid "Display Name"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "Do you really want to create a new key pair and set it active?"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__content
+msgid "Download"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#, python-format
+msgid "Enter"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Enter your password:"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_open_entries
+#: model:ir.model.fields,field_description:vault.field_vault__entry_ids
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__entry_id
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Entries"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__entry_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__entry_id
+msgid "Entry"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model,name:vault.model_vault_entry
+#, python-format
+msgid "Entry inside a vault"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Error"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__expiration
+msgid "Expiration"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expired
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Expired"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__expire_date
+msgid "Expires on"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Export to file"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_export_wizard.py:0
+#: model:ir.model,name:vault.model_vault_export_wizard
+#, python-format
+msgid "Export wizard for vaults"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/vault.esm.js:0
+#, python-format
+msgid "Failed to export keys to object store"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/vault.esm.js:0
+#, python-format
+msgid "Failed to export the keys to the database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/vault.esm.js:0
+#, python-format
+msgid "Failed to import keys from database"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_field.py:0
+#: model:ir.model,name:vault.model_vault_field
+#, python-format
+msgid "Field of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__field_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__field_ids
+msgid "Fields"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_file.py:0
+#: model:ir.model,name:vault.model_vault_file
+#, python-format
+msgid "File of a vault"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "File to share:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__filename
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__filename
+msgid "Filename"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__file_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__file_ids
+msgid "Files"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__fingerprint
+msgid "Fingerprint"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Generate"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Generate a new secret:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
+msgid "Grouped"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Hide"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__id
+#: model:ir.model.fields,field_description:vault.field_vault__id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_field__id
+#: model:ir.model.fields,field_description:vault.field_vault_file__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__id
+#: model:ir.model.fields,field_description:vault.field_vault_log__id
+#: model:ir.model.fields,field_description:vault.field_vault_right__id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__id
+#: model:ir.model.fields,field_description:vault.field_vault_tag__id
+msgid "ID"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__expiration
+msgid "If expired the inbox can't be written using the link"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__accesses
+msgid "If this is 0 the inbox can't be written using the link"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Import"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+#, python-format
+msgid "Import from file"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard
+#, python-format
+msgid "Import wizard for vaults"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#: model:ir.model,name:vault.model_vault_import_wizard_path
+#, python-format
+msgid "Import wizard path for vaults"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_inbox
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_ids
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
+#: model:ir.ui.menu,name:vault.menu_vault_inbox
+msgid "Inbox"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_enabled
+msgid "Inbox Enabled"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_link
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__inbox_link
+msgid "Inbox Link"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__inbox_token
+msgid "Inbox Token"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__include_childs
+msgid "Include Childs"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Information"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_import_wizard.py:0
+#, python-format
+msgid "Invalid file to import from"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#: code:addons/vault/models/res_users_key.py:0
+#: code:addons/vault/models/res_users_key.py:0
+#, python-format
+msgid "Invalid parameter"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "Invalidate private key"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
+msgid "Iterations"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__iv
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_field__iv
+#: model:ir.model.fields,field_description:vault.field_vault_file__iv
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__iv
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__iv
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__iv
+msgid "Iv"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "Keepass Database <b>.kdbx</b>"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__key
+#: model:ir.model.fields,field_description:vault.field_vault_right__key
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__key
+msgid "Key"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/user_menu.esm.js:0
+#, python-format
+msgid "Key Management"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key_user
+msgid "Key User"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Keyfile:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__keys
+msgid "Keys"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
+#: model:ir.model.fields,field_description:vault.field_vault____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_entry____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_field____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_file____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_log____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_right____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard____last_update
+#: model:ir.model.fields,field_description:vault.field_vault_tag____last_update
+msgid "Last Modified on"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_uid
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_uid
+msgid "Last Updated by"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__write_date
+#: model:ir.model.fields,field_description:vault.field_vault__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_entry__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_field__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_file__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_log__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_right__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_date
+#: model:ir.model.fields,field_description:vault.field_vault_tag__write_date
+msgid "Last Updated on"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Length:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_entry__log_ids
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__log_ids
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Log"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#: model:ir.model,name:vault.model_vault_log
+#, python-format
+msgid "Log entry of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_res_users_keys
+msgid "Manage my keys"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_field__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_file__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_right__master_key
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__master_key
+msgid "Master Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__message
+msgid "Message"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Missing filename"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#, python-format
+msgid "Missing password"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__model
+msgid "Model"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__module_vault_share
+msgid "Module Vault Share"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__name
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_entry__name
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_field__name
+#: model:ir.model.fields,field_description:vault.field_vault_file__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__name
+#: model:ir.model.fields,field_description:vault.field_vault_inbox_log__name
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__name
+#: model:ir.model.fields,field_description:vault.field_vault_tag__name
+msgid "Name"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Name of your secret:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New inbox link"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid "New private key"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "No secret found"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
+#: model:ir.model.constraint,message:vault.constraint_vault_send_wizard_value_check
+#, python-format
+msgid "No value found"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Not Expired"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__note
+#: model:ir.model.fields,field_description:vault.field_vault_entry__note
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
+msgid "Note"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__user_id
+msgid "Owner"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__parent_id
+msgid "Parent"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__parent_id
+msgid "Parent Entry"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Password:"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__path
+msgid "Path to import"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_entry__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_field__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_file__perm_user
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_user
+msgid "Perm User"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/export.esm.js:0
+#: code:addons/vault/static/src/backend/import.esm.js:0
+#, python-format
+msgid "Please enter the password for the database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/import.esm.js:0
+#, python-format
+msgid "Please enter the password for the keepass database"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/vault.esm.js:0
+#, python-format
+msgid "Please enter the password for your private key"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Please enter your password or upload a keyfile:"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Please specify a name"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__private
+msgid "Private"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__public
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__public
+msgid "Public"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__public_key
+msgid "Public Key"
+msgstr ""
+
+#. module: vault
+#: model:ir.actions.act_window,name:vault.action_vault_right
+#: model:ir.model.fields,field_description:vault.field_vault__right_ids
+#: model:ir.ui.menu,name:vault.menu_vault_right
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Rights"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#, python-format
+msgid "Save As..."
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__secret_file
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret_file
+msgid "Secret File"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret_temporary
+msgid "Secret Temporary"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Secret to share:"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid "Send"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Send the secret to an user"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#, python-format
+msgid "Send the secret to another user"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_share
+msgid "Share"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Show"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Something went wrong with the encryption"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "Special"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_log__state
+msgid "State"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "Store"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#, python-format
+msgid "Store the secret in a vault"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.inbox
+msgid "Submit secret"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/controllers/main.py:0
+#, python-format
+msgid "Successfully stored"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__tags
+msgid "Tags"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: code:addons/vault/models/vault_entry.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
+#: model:ir.model.constraint,message:vault.constraint_vault_uuid_uniq
+#, python-format
+msgid "The UUID must be unique."
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#, python-format
+msgid "The field is empty, there's nothing to save!"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+msgid "The files must end on one of the supported file type:"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/common/utils.esm.js:0
+#, python-format
+msgid "The passwords aren't matching"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/abstract_vault.py:0
+#, python-format
+msgid ""
+"The requested operation can not be completed due to security restrictions."
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_tag.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
+#, python-format
+msgid "The tag must be unique!"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_right.py:0
+#: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
+#, python-format
+msgid "The user must be unique"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__token
+msgid "Token"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/import.esm.js:0
+#, python-format
+msgid "Unsupported file to import"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_entry__url
+msgid "Url"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_send_wizard__user_id
+msgid "User"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/res_users_key.py:0
+#: model:ir.model,name:vault.model_res_users_key
+#, python-format
+msgid "User data of a vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model,name:vault.model_res_users
+msgid "Users"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
+msgid ""
+"Using this link you can write to the current inbox. If you want people to "
+"create new inboxes you should give them your inbox link from your key "
+"management."
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__uuid
+#: model:ir.model.fields,field_description:vault.field_vault__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_entry__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__uuid
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__uuid
+msgid "Uuid"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_field__value
+#: model:ir.model.fields,field_description:vault.field_vault_file__value
+msgid "Value"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault.py:0
+#: model:ir.actions.act_window,name:vault.action_vault
+#: model:ir.model,name:vault.model_vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_entry__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_export_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_field__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_file__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_import_wizard__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_inbox__user_id
+#: model:ir.model.fields,field_description:vault.field_vault_log__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_right__vault_id
+#: model:ir.model.fields,field_description:vault.field_vault_store_wizard__vault_id
+#: model:ir.ui.menu,name:vault.menu_vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+#, python-format
+msgid "Vault"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
+msgid "Vault Right"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Vault Share"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox_log.py:0
+#: model:ir.model,name:vault.model_vault_inbox_log
+#, python-format
+msgid "Vault inbox log"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_right.py:0
+#: model:ir.model,name:vault.model_vault_right
+#, python-format
+msgid "Vault rights"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#: model:ir.model,name:vault.model_vault_inbox
+#, python-format
+msgid "Vault share incoming secrets"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_tag.py:0
+#: model:ir.model,name:vault.model_vault_tag
+#, python-format
+msgid "Vault tag"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
+msgid "Vaults"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_users_key__version
+msgid "Version"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_log.py:0
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_store_wizard.py:0
+#: model:ir.model,name:vault.model_vault_store_wizard
+#, python-format
+msgid "Wizard store a shared secret in a vault"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#: model:ir.model,name:vault.model_vault_send_wizard
+#, python-format
+msgid "Wizard to send another user a secret"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_right__perm_write
+msgid "Write"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_inbox.py:0
+#, python-format
+msgid "Written by %(name)s via %(ip)s"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "You can not create recursive entries."
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+msgid ""
+"You can only send the secret to the user who has generated a key-pair.\n"
+"                        If an user is not showing please ask him to generate these."
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
+msgid ""
+"You will loose access to all vaults and your inbox. Do you want to continue?"
+msgstr ""
+
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/backend/templates.xml:0
+#, python-format
+msgid "a-z"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
+msgid "or"
+msgstr ""

From c1707fa2b1ff0230e00ed52255de6d423260bd52 Mon Sep 17 00:00:00 2001
From: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>
Date: Fri, 5 May 2023 10:45:15 +0000
Subject: [PATCH 38/71] Added translation using Weblate (Dutch)

---
 vault_share/i18n/nl.po | 283 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 283 insertions(+)
 create mode 100644 vault_share/i18n/nl.po

diff --git a/vault_share/i18n/nl.po b/vault_share/i18n/nl.po
new file mode 100644
index 0000000000..eb4f02a0a3
--- /dev/null
+++ b/vault_share/i18n/nl.po
@@ -0,0 +1,283 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* vault_share
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 15.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: Automatically generated\n"
+"Language-Team: none\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
+msgid "Access counter"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
+#: model:ir.cron,cron_name:vault_share.cron_share_clean
+#: model:ir.cron,name:vault_share.cron_share_clean
+msgid "Clean outgoing share"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_company
+msgid "Companies"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model,name:vault_share.model_res_config_settings
+msgid "Config Settings"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
+msgid "Created by"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
+msgid "Created on"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Days"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
+msgid "Delay the deletion of shares"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
+msgid "Delayed Deletion"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
+msgid ""
+"Delays the deletion of a share. After the expiration date it continues to "
+"stay inaccessible"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
+msgid "Display Name"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Enter the pin:"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
+msgid "Expiration"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
+msgid "Filename"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
+msgid "ID"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "Invalid token"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
+msgid "Iv"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
+msgid "Last Modified on"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
+msgid "Last Updated by"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
+msgid "Last Updated on"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
+msgid "Log"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
+msgid "Name"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
+#, python-format
+msgid "No value found"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
+msgid "Pin"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
+msgid "Salt"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#, python-format
+msgid "Save in a vault"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
+msgid "Secret"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
+msgid "Secret File"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
+msgid "Share"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
+msgid "Share URL"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
+#, python-format
+msgid "Share the secret"
+msgstr ""
+
+#. module: vault_share
+#. openerp-web
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#: code:addons/vault_share/static/src/backend/templates.xml:0
+#, python-format
+msgid "Share the secret with an external user"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared file:"
+msgstr ""
+
+#. module: vault_share
+#: model_terms:ir.ui.view,arch_db:vault_share.share
+msgid "Shared secret:"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.actions.act_window,name:vault_share.action_vault_share
+#: model:ir.ui.menu,name:vault_share.menu_vault_share
+msgid "Shares"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
+msgid "Specifies how long a share can be accessed until deletion."
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
+msgid "Specifies how often a share can be accessed before deletion."
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__pin
+msgid "The pin needed to decrypt the share."
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/controllers/main.py:0
+#, python-format
+msgid "The secret expired"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was accessed by %(name)s via %(ip)s"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#, python-format
+msgid "The share was created by %(name)s"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
+msgid "Token"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
+msgid "User"
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
+msgid "Using this link and pin people can access the secret."
+msgstr ""
+
+#. module: vault_share
+#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
+msgid "Vault Share Delay"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share_log.py:0
+#: model:ir.model,name:vault_share.model_vault_share_log
+#, python-format
+msgid "Vault share log"
+msgstr ""
+
+#. module: vault_share
+#: code:addons/vault_share/models/vault_share.py:0
+#: model:ir.model,name:vault_share.model_vault_share
+#, python-format
+msgid "Vault share outgoing secrets"
+msgstr ""

From d4120af0bf1c45f5d22f2515f82c612d9a91aa1a Mon Sep 17 00:00:00 2001
From: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>
Date: Fri, 5 May 2023 10:07:13 +0000
Subject: [PATCH 39/71] Translated using Weblate (Dutch)

Currently translated at 65.5% (122 of 186 strings)

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/nl/
---
 vault/i18n/nl.po | 247 ++++++++++++++++++++++++-----------------------
 1 file changed, 125 insertions(+), 122 deletions(-)

diff --git a/vault/i18n/nl.po b/vault/i18n/nl.po
index 8aecb2387a..b66ea9de63 100644
--- a/vault/i18n/nl.po
+++ b/vault/i18n/nl.po
@@ -6,56 +6,58 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
-"Last-Translator: Automatically generated\n"
+"PO-Revision-Date: 2023-05-05 10:45+0000\n"
+"Last-Translator: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>\n"
 "Language-Team: none\n"
 "Language: nl\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: \n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.14.1\n"
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%(action)s entry %(name)s by %(user)s"
-msgstr ""
+msgstr "%(action)s toegang %(name)s door %(user)s"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
-msgstr ""
+msgstr "A-Z"
 
 #. module: vault
 #: code:addons/vault/models/abstract_vault_field.py:0
 #: model:ir.model,name:vault.model_vault_abstract_field
 #, python-format
 msgid "Abstract model to implement basic fields for encryption"
-msgstr ""
+msgstr "Abstract model om basisvelden voor encryptie te implementeren"
 
 #. module: vault
 #: code:addons/vault/models/abstract_vault.py:0
 #: model:ir.model,name:vault.model_vault_abstract
 #, python-format
 msgid "Abstract model to implement general access rights"
-msgstr ""
+msgstr "Abstract model om algemene toegangsrechten te implementeren"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__accesses
 msgid "Access counter"
-msgstr ""
+msgstr "Toegangsteller"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__active_key
 msgid "Active Key"
-msgstr ""
+msgstr "Actieve sleutel"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_entry
 #: model:ir.ui.menu,name:vault.menu_vault_entry
 msgid "All Entries"
-msgstr ""
+msgstr "Alle invoeren"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
@@ -137,11 +139,12 @@ msgstr ""
 #, python-format
 msgid "An error occured. Please contact the user or administrator"
 msgstr ""
+"Er is een fout opgetreden. Neem contact op met de gebruiker of beheerder"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
 msgid "By user"
-msgstr ""
+msgstr "Door gebruiker"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
@@ -158,7 +161,7 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
 #, python-format
 msgid "Cancel"
-msgstr ""
+msgstr "Annuleer"
 
 #. module: vault
 #. openerp-web
@@ -166,14 +169,14 @@ msgstr ""
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
-msgstr ""
+msgstr "Geannuleerd"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
-msgstr ""
+msgstr "Karakters:"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__child_ids
@@ -188,29 +191,29 @@ msgstr ""
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_export_wizard
 msgid "Close"
-msgstr ""
+msgstr "Sluiten"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
 msgid "Complete Name"
-msgstr ""
+msgstr "Volledige naam"
 
 #. module: vault
 #: model:ir.model,name:vault.model_res_config_settings
 msgid "Config Settings"
-msgstr ""
+msgstr "Configuratie-instellingen"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
-msgstr ""
+msgstr "Bevestig uw wachtwoord:"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
 msgid "Content"
-msgstr ""
+msgstr "Inhoud"
 
 #. module: vault
 #. openerp-web
@@ -218,12 +221,12 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
-msgstr ""
+msgstr "Kopiëren naar klembord"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_right__perm_create
 msgid "Create"
-msgstr ""
+msgstr "Aanmaken"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
@@ -242,7 +245,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_uid
 #: model:ir.model.fields,field_description:vault.field_vault_tag__create_uid
 msgid "Created by"
-msgstr ""
+msgstr "Aangemaakt door"
 
 #. module: vault
 #: code:addons/vault/models/vault_inbox.py:0
@@ -254,7 +257,7 @@ msgstr ""
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
 msgid "Created by %s"
-msgstr ""
+msgstr "Aangemaakt door %s"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_date
@@ -273,17 +276,17 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__create_date
 #: model:ir.model.fields,field_description:vault.field_vault_tag__create_date
 msgid "Created on"
-msgstr ""
+msgstr "Aangemaakt op"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__crypted_content
 msgid "Crypted Content"
-msgstr ""
+msgstr "Versleutelde inhoud"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__current
 msgid "Current"
-msgstr ""
+msgstr "Huidig"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
@@ -293,12 +296,12 @@ msgstr ""
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__content
 msgid "Database"
-msgstr ""
+msgstr "Database"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_right__perm_delete
 msgid "Delete"
-msgstr ""
+msgstr "Verwijder"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__display_name
@@ -317,19 +320,19 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__display_name
 #: model:ir.model.fields,field_description:vault.field_vault_tag__display_name
 msgid "Display Name"
-msgstr ""
+msgstr "Schermnaam"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
-msgstr ""
+msgstr "Wilt u echt een nieuw sleutelpaar aanmaken en activeren?"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__content
 msgid "Download"
-msgstr ""
+msgstr "Download"
 
 #. module: vault
 #. openerp-web
@@ -344,7 +347,7 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
-msgstr ""
+msgstr "Voer uw wachtwoord in:"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_open_entries
@@ -353,7 +356,7 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Entries"
-msgstr ""
+msgstr "Boekingen"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_id
@@ -375,23 +378,23 @@ msgstr ""
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Error"
-msgstr ""
+msgstr "Fout"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__expiration
 msgid "Expiration"
-msgstr ""
+msgstr "Vervaldatum"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__expired
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 msgid "Expired"
-msgstr ""
+msgstr "Verlopen"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__expire_date
 msgid "Expires on"
-msgstr ""
+msgstr "Verloopt op"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -400,7 +403,7 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 #, python-format
 msgid "Export to file"
-msgstr ""
+msgstr "Export naar bestand"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_export_wizard.py:0
@@ -428,7 +431,7 @@ msgstr ""
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
-msgstr ""
+msgstr "Kan geen sleutels uit database importeren"
 
 #. module: vault
 #: code:addons/vault/models/vault_field.py:0
@@ -441,7 +444,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault__field_ids
 #: model:ir.model.fields,field_description:vault.field_vault_entry__field_ids
 msgid "Fields"
-msgstr ""
+msgstr "Velden"
 
 #. module: vault
 #: code:addons/vault/models/vault_file.py:0
@@ -459,18 +462,18 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__filename
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__filename
 msgid "Filename"
-msgstr ""
+msgstr "Bestandsnaam"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__file_ids
 #: model:ir.model.fields,field_description:vault.field_vault_entry__file_ids
 msgid "Files"
-msgstr ""
+msgstr "Bestanden"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__fingerprint
 msgid "Fingerprint"
-msgstr ""
+msgstr "Fingerprint"
 
 #. module: vault
 #. openerp-web
@@ -478,19 +481,19 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate"
-msgstr ""
+msgstr "Genereer"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
-msgstr ""
+msgstr "Genereer een nieuw geheim:"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_right_overview_search
 msgid "Grouped"
-msgstr ""
+msgstr "Gegroepeerd"
 
 #. module: vault
 #. openerp-web
@@ -498,7 +501,7 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Hide"
-msgstr ""
+msgstr "Verbergen"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__id
@@ -517,7 +520,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__id
 #: model:ir.model.fields,field_description:vault.field_vault_tag__id
 msgid "ID"
-msgstr ""
+msgstr "ID"
 
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__expiration
@@ -532,7 +535,7 @@ msgstr ""
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 msgid "Import"
-msgstr ""
+msgstr "Import"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -541,14 +544,14 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 #, python-format
 msgid "Import from file"
-msgstr ""
+msgstr "Importeren uit bestand"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard
 #, python-format
 msgid "Import wizard for vaults"
-msgstr ""
+msgstr "Wizard voor het importeren van kluizen"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_import_wizard.py:0
@@ -563,7 +566,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_inbox_log__inbox_id
 #: model:ir.ui.menu,name:vault.menu_vault_inbox
 msgid "Inbox"
-msgstr ""
+msgstr "Inbox"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__inbox_enabled
@@ -579,7 +582,7 @@ msgstr ""
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__inbox_token
 msgid "Inbox Token"
-msgstr ""
+msgstr "Inbox Token"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__include_childs
@@ -590,7 +593,7 @@ msgstr ""
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Information"
-msgstr ""
+msgstr "Informatie"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_import_wizard.py:0
@@ -604,13 +607,13 @@ msgstr ""
 #: code:addons/vault/models/res_users_key.py:0
 #, python-format
 msgid "Invalid parameter"
-msgstr ""
+msgstr "Ongeldige parameter"
 
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Invalid token"
-msgstr ""
+msgstr "Ongeldige token"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
@@ -620,7 +623,7 @@ msgstr ""
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
-msgstr ""
+msgstr "Iteraties"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iv
@@ -636,7 +639,7 @@ msgstr ""
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 msgid "Keepass Database <b>.kdbx</b>"
-msgstr ""
+msgstr "Keepass Database <b>.kdbx</b>"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__key
@@ -644,7 +647,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__key
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__key
 msgid "Key"
-msgstr ""
+msgstr "Sleutel"
 
 #. module: vault
 #. openerp-web
@@ -664,12 +667,12 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
-msgstr ""
+msgstr "Keyfile:"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__keys
 msgid "Keys"
-msgstr ""
+msgstr "Keys"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key____last_update
@@ -688,7 +691,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard____last_update
 #: model:ir.model.fields,field_description:vault.field_vault_tag____last_update
 msgid "Last Modified on"
-msgstr ""
+msgstr "Laatst gewijzigd op"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__write_uid
@@ -707,7 +710,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_uid
 #: model:ir.model.fields,field_description:vault.field_vault_tag__write_uid
 msgid "Last Updated by"
-msgstr ""
+msgstr "Laatst bijgewerkt door"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__write_date
@@ -726,14 +729,14 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__write_date
 #: model:ir.model.fields,field_description:vault.field_vault_tag__write_date
 msgid "Last Updated on"
-msgstr ""
+msgstr "Laatst bijgewerkt op"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
-msgstr ""
+msgstr "Lengte:"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__log_ids
@@ -742,19 +745,19 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Log"
-msgstr ""
+msgstr "Log"
 
 #. module: vault
 #: code:addons/vault/models/vault_log.py:0
 #: model:ir.model,name:vault.model_vault_log
 #, python-format
 msgid "Log entry of a vault"
-msgstr ""
+msgstr "Logboekvermelding van een kluis"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_res_users_keys
 msgid "Manage my keys"
-msgstr ""
+msgstr "Beheer mijn sleutels"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__master_key
@@ -766,18 +769,18 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_right__master_key
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__master_key
 msgid "Master Key"
-msgstr ""
+msgstr "Hoofdsleutel"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_log__message
 msgid "Message"
-msgstr ""
+msgstr "Bericht"
 
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Missing filename"
-msgstr ""
+msgstr "Ontbrekende bestandsnaam"
 
 #. module: vault
 #. openerp-web
@@ -785,12 +788,12 @@ msgstr ""
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
-msgstr ""
+msgstr "Ontbrekend wachtwoord"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__model
 msgid "Model"
-msgstr ""
+msgstr "Type"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_config_settings__module_vault_share
@@ -812,7 +815,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__name
 #: model:ir.model.fields,field_description:vault.field_vault_tag__name
 msgid "Name"
-msgstr ""
+msgstr "Naam"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.inbox
@@ -827,13 +830,13 @@ msgstr ""
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 msgid "New private key"
-msgstr ""
+msgstr "Nieuwe privésleutel"
 
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "No secret found"
-msgstr ""
+msgstr "Geen geheim gevonden"
 
 #. module: vault
 #: code:addons/vault/models/vault_inbox.py:0
@@ -842,30 +845,30 @@ msgstr ""
 #: model:ir.model.constraint,message:vault.constraint_vault_send_wizard_value_check
 #, python-format
 msgid "No value found"
-msgstr ""
+msgstr "Geen waarde gevonden"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 msgid "Not Expired"
-msgstr ""
+msgstr "Niet verlopen"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__note
 #: model:ir.model.fields,field_description:vault.field_vault_entry__note
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
 msgid "Note"
-msgstr ""
+msgstr "Notitie"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_entry__user_id
 msgid "Owner"
-msgstr ""
+msgstr "Eigenaar"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__parent_id
 msgid "Parent"
-msgstr ""
+msgstr "Bovenliggend"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__parent_id
@@ -877,12 +880,12 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
-msgstr ""
+msgstr "Wachtwoord:"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__path
 msgid "Path to import"
-msgstr ""
+msgstr "Pad om te importeren"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__perm_user
@@ -900,50 +903,50 @@ msgstr ""
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the database"
-msgstr ""
+msgstr "Voer het wachtwoord van de database in"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
-msgstr ""
+msgstr "Voer het wachtwoord van de keepass database in"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
-msgstr ""
+msgstr "Voer het wachtwoord voor uw privésleutel in"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
-msgstr ""
+msgstr "Voer uw wachtwoord in of upload een keyfile:"
 
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Please specify a name"
-msgstr ""
+msgstr "Geef een naam op"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__private
 msgid "Private"
-msgstr ""
+msgstr "Privé"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__public
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__public
 msgid "Public"
-msgstr ""
+msgstr "Openbaar"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_right__public_key
 msgid "Public Key"
-msgstr ""
+msgstr "Openbare sleutel"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_right
@@ -951,7 +954,7 @@ msgstr ""
 #: model:ir.ui.menu,name:vault.menu_vault_right
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Rights"
-msgstr ""
+msgstr "Rechten"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__salt
@@ -964,7 +967,7 @@ msgstr ""
 #: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Save As..."
-msgstr ""
+msgstr "Opslaan als..."
 
 #. module: vault
 #. openerp-web
@@ -974,7 +977,7 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
-msgstr ""
+msgstr "Opslaan in een kluis"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__secret
@@ -982,13 +985,13 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret
 #: model_terms:ir.ui.view,arch_db:vault.inbox
 msgid "Secret"
-msgstr ""
+msgstr "Geheim"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__secret_file
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__secret_file
 msgid "Secret File"
-msgstr ""
+msgstr "Secret File"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_store_wizard__secret_temporary
@@ -998,12 +1001,12 @@ msgstr ""
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.inbox
 msgid "Secret to share:"
-msgstr ""
+msgstr "Geheim om te delen:"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
 msgid "Send"
-msgstr ""
+msgstr "Verzenden"
 
 #. module: vault
 #. openerp-web
@@ -1011,19 +1014,19 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
-msgstr ""
+msgstr "Verzend het geheim naar een gebruiker"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Send the secret to another user"
-msgstr ""
+msgstr "Verzend het geheim naar een andere gebruiker"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_right__perm_share
 msgid "Share"
-msgstr ""
+msgstr "Delen"
 
 #. module: vault
 #. openerp-web
@@ -1031,25 +1034,25 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Show"
-msgstr ""
+msgstr "Toon"
 
 #. module: vault
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Something went wrong with the encryption"
-msgstr ""
+msgstr "Er ging iets mis met de encryptie"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
-msgstr ""
+msgstr "Speciaal"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_log__state
 msgid "State"
-msgstr ""
+msgstr "Status"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
@@ -1072,12 +1075,12 @@ msgstr ""
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Successfully stored"
-msgstr ""
+msgstr "Succesvol opgeslagen"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__tags
 msgid "Tags"
-msgstr ""
+msgstr "Labels"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -1086,7 +1089,7 @@ msgstr ""
 #: model:ir.model.constraint,message:vault.constraint_vault_uuid_uniq
 #, python-format
 msgid "The UUID must be unique."
-msgstr ""
+msgstr "De UUID moet uniek zijn."
 
 #. module: vault
 #. openerp-web
@@ -1106,7 +1109,7 @@ msgstr ""
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
-msgstr ""
+msgstr "De wachtwoorden komen niet overeen"
 
 #. module: vault
 #: code:addons/vault/models/abstract_vault.py:0
@@ -1120,38 +1123,38 @@ msgstr ""
 #: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
 #, python-format
 msgid "The tag must be unique!"
-msgstr ""
+msgstr "Het label moet uniek zijn!"
 
 #. module: vault
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
 #, python-format
 msgid "The user must be unique"
-msgstr ""
+msgstr "De gebruiker moet uniek zijn"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
-msgstr ""
+msgstr "Dit zal alles in de kluis opnieuw versleutelen. Wil je doorgaan?"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__token
 msgid "Token"
-msgstr ""
+msgstr "Token"
 
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
-msgstr ""
+msgstr "Niet ondersteund bestand voor import"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_entry__url
 msgid "Url"
-msgstr ""
+msgstr "Url"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
@@ -1159,7 +1162,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_right__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_send_wizard__user_id
 msgid "User"
-msgstr ""
+msgstr "Gebruiker"
 
 #. module: vault
 #: code:addons/vault/models/res_users_key.py:0
@@ -1171,7 +1174,7 @@ msgstr ""
 #. module: vault
 #: model:ir.model,name:vault.model_res_users
 msgid "Users"
-msgstr ""
+msgstr "Gebruikers"
 
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
@@ -1188,13 +1191,13 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard__uuid
 #: model:ir.model.fields,field_description:vault.field_vault_import_wizard_path__uuid
 msgid "Uuid"
-msgstr ""
+msgstr "Uuid"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_field__value
 #: model:ir.model.fields,field_description:vault.field_vault_file__value
 msgid "Value"
-msgstr ""
+msgstr "Waarde"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -1263,13 +1266,13 @@ msgstr ""
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"
-msgstr ""
+msgstr "Versie"
 
 #. module: vault
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Warning"
-msgstr ""
+msgstr "Waarschuwing"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_store_wizard.py:0
@@ -1294,7 +1297,7 @@ msgstr ""
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Written by %(name)s via %(ip)s"
-msgstr ""
+msgstr "Geschreven door %(name)s via %(ip)s"
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
@@ -1320,11 +1323,11 @@ msgstr ""
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"
-msgstr ""
+msgstr "a-z"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
 msgid "or"
-msgstr ""
+msgstr "of"

From f85fbd02a2016c32a190845321600a7e74d9583c Mon Sep 17 00:00:00 2001
From: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>
Date: Fri, 5 May 2023 10:45:35 +0000
Subject: [PATCH 40/71] Translated using Weblate (Dutch)

Currently translated at 17.0% (8 of 47 strings)

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/nl/
---
 vault_share/i18n/nl.po | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/vault_share/i18n/nl.po b/vault_share/i18n/nl.po
index eb4f02a0a3..14c25e13c0 100644
--- a/vault_share/i18n/nl.po
+++ b/vault_share/i18n/nl.po
@@ -6,13 +6,15 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
-"Last-Translator: Automatically generated\n"
+"PO-Revision-Date: 2023-05-05 10:45+0000\n"
+"Last-Translator: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>\n"
 "Language-Team: none\n"
 "Language: nl\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: \n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.14.1\n"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
@@ -40,13 +42,13 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
 msgid "Created by"
-msgstr ""
+msgstr "Aangemaakt door"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
 msgid "Created on"
-msgstr ""
+msgstr "Aangemaakt op"
 
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
@@ -74,7 +76,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
 msgid "Display Name"
-msgstr ""
+msgstr "Schermnaam"
 
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.share
@@ -95,7 +97,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
 msgid "ID"
-msgstr ""
+msgstr "ID"
 
 #. module: vault_share
 #: code:addons/vault_share/controllers/main.py:0
@@ -112,19 +114,19 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
 msgid "Last Modified on"
-msgstr ""
+msgstr "Laatst gewijzigd op"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
 msgid "Last Updated by"
-msgstr ""
+msgstr "Laatst bijgewerkt door"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
 msgid "Last Updated on"
-msgstr ""
+msgstr "Laatst bijgewerkt op"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
@@ -135,7 +137,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__name
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
 msgid "Name"
-msgstr ""
+msgstr "Naam"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0

From dcb0a8091e27cab28eacce8de01795203be4e85f Mon Sep 17 00:00:00 2001
From: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>
Date: Fri, 5 May 2023 10:45:59 +0000
Subject: [PATCH 41/71] Translated using Weblate (Dutch)

Currently translated at 74.4% (35 of 47 strings)

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/nl/
---
 vault_share/i18n/nl.po | 56 +++++++++++++++++++++---------------------
 1 file changed, 28 insertions(+), 28 deletions(-)

diff --git a/vault_share/i18n/nl.po b/vault_share/i18n/nl.po
index 14c25e13c0..09968ce8c6 100644
--- a/vault_share/i18n/nl.po
+++ b/vault_share/i18n/nl.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
-"PO-Revision-Date: 2023-05-05 10:45+0000\n"
+"PO-Revision-Date: 2023-05-05 13:33+0000\n"
 "Last-Translator: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>\n"
 "Language-Team: none\n"
 "Language: nl\n"
@@ -19,7 +19,7 @@ msgstr ""
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
 msgid "Access counter"
-msgstr ""
+msgstr "Toegangsteller"
 
 #. module: vault_share
 #: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
@@ -31,12 +31,12 @@ msgstr ""
 #. module: vault_share
 #: model:ir.model,name:vault_share.model_res_company
 msgid "Companies"
-msgstr ""
+msgstr "Bedrijven"
 
 #. module: vault_share
 #: model:ir.model,name:vault_share.model_res_config_settings
 msgid "Config Settings"
-msgstr ""
+msgstr "Configuratie-instellingen"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
@@ -53,7 +53,7 @@ msgstr "Aangemaakt op"
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
 msgid "Days"
-msgstr ""
+msgstr "Dagen"
 
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
@@ -63,7 +63,7 @@ msgstr ""
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
 msgid "Delayed Deletion"
-msgstr ""
+msgstr "Uitgestelde verwijdering"
 
 #. module: vault_share
 #: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
@@ -81,17 +81,17 @@ msgstr "Schermnaam"
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.share
 msgid "Enter the pin:"
-msgstr ""
+msgstr "Voer de pincode in:"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
 msgid "Expiration"
-msgstr ""
+msgstr "Vervaldatum"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
 msgid "Filename"
-msgstr ""
+msgstr "Bestandsnaam"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__id
@@ -103,7 +103,7 @@ msgstr "ID"
 #: code:addons/vault_share/controllers/main.py:0
 #, python-format
 msgid "Invalid token"
-msgstr ""
+msgstr "Ongeldige token"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
@@ -131,7 +131,7 @@ msgstr "Laatst bijgewerkt op"
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
 msgid "Log"
-msgstr ""
+msgstr "Log"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__name
@@ -144,12 +144,12 @@ msgstr "Naam"
 #: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
 #, python-format
 msgid "No value found"
-msgstr ""
+msgstr "Geen waarde gevonden"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
 msgid "Pin"
-msgstr ""
+msgstr "Pin"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
@@ -164,34 +164,34 @@ msgstr ""
 #: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
-msgstr ""
+msgstr "Opslaan in een kluis"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
 msgid "Secret"
-msgstr ""
+msgstr "Geheim"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
 msgid "Secret File"
-msgstr ""
+msgstr "Secret File"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
 msgid "Share"
-msgstr ""
+msgstr "Delen"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
 msgid "Share URL"
-msgstr ""
+msgstr "Share URL"
 
 #. module: vault_share
 #. openerp-web
 #: code:addons/vault_share/static/src/legacy/vault_fields.js:0
 #, python-format
 msgid "Share the secret"
-msgstr ""
+msgstr "Deel het geheim"
 
 #. module: vault_share
 #. openerp-web
@@ -199,17 +199,17 @@ msgstr ""
 #: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
-msgstr ""
+msgstr "Het geheim delen met een externe gebruiker"
 
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.share
 msgid "Shared file:"
-msgstr ""
+msgstr "Gedeeld bestand:"
 
 #. module: vault_share
 #: model_terms:ir.ui.view,arch_db:vault_share.share
 msgid "Shared secret:"
-msgstr ""
+msgstr "Gedeeld geheim:"
 
 #. module: vault_share
 #: model:ir.actions.act_window,name:vault_share.action_vault_share
@@ -236,34 +236,34 @@ msgstr ""
 #: code:addons/vault_share/controllers/main.py:0
 #, python-format
 msgid "The secret expired"
-msgstr ""
+msgstr "Het geheim is verlopen"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
 msgid "The share was accessed by %(name)s via %(ip)s"
-msgstr ""
+msgstr "Het record werd geopend door %(name)s via %(ip)s"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
 msgid "The share was created by %(name)s"
-msgstr ""
+msgstr "Het record is gemaakt door %(name)s"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__token
 msgid "Token"
-msgstr ""
+msgstr "Token"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
 msgid "User"
-msgstr ""
+msgstr "Gebruiker"
 
 #. module: vault_share
 #: model:ir.model.fields,help:vault_share.field_vault_share__share_link
 msgid "Using this link and pin people can access the secret."
-msgstr ""
+msgstr "Met deze link en pin kunnen mensen toegang krijgen tot het geheim."
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay

From b4c0d604405232ff88bd766b846d2d86aa130f46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Mart=C3=ADnez?=
 <victor.martinez@tecnativa.com>
Date: Tue, 13 Jun 2023 08:20:49 +0000
Subject: [PATCH 42/71] Translated using Weblate (Spanish)

Currently translated at 87.2% (41 of 47 strings)

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/es/
---
 vault_share/i18n/es.po | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/vault_share/i18n/es.po b/vault_share/i18n/es.po
index ff6d234ebd..4750864d5f 100644
--- a/vault_share/i18n/es.po
+++ b/vault_share/i18n/es.po
@@ -7,15 +7,15 @@ msgstr ""
 "Project-Id-Version: Odoo Server 13.0\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2022-06-06 07:44+0000\n"
-"PO-Revision-Date: 2022-06-06 09:54+0200\n"
-"Last-Translator: \n"
+"PO-Revision-Date: 2023-06-13 11:09+0000\n"
+"Last-Translator: Víctor Martínez <victor.martinez@tecnativa.com>\n"
 "Language-Team: \n"
 "Language: es\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Poedit 2.3\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.17\n"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
@@ -214,7 +214,7 @@ msgstr "Secreto compartido:"
 #: model:ir.actions.act_window,name:vault_share.action_vault_share
 #: model:ir.ui.menu,name:vault_share.menu_vault_share
 msgid "Shares"
-msgstr "Recursos comparidos"
+msgstr "Recursos compartidos"
 
 #. module: vault_share
 #: model:ir.model.fields,help:vault_share.field_vault_share__expiration

From e3ba9a225335cf359d5743dc61d94ee4310f7757 Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Wed, 14 Jun 2023 16:04:18 +0200
Subject: [PATCH 43/71] vault: Error thrown when the key version is lower than
 1

---
 vault/static/src/backend/vault.esm.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/static/src/backend/vault.esm.js b/vault/static/src/backend/vault.esm.js
index 8abd5db992..96af61106e 100644
--- a/vault/static/src/backend/vault.esm.js
+++ b/vault/static/src/backend/vault.esm.js
@@ -6,7 +6,7 @@
 import * as utils from "vault.utils";
 import {_t} from "web.core";
 import ajax from "web.ajax";
-import {session} from "web.session";
+import {session} from "@web/session";
 
 // Database name on the browser
 const Database = "vault";

From 37f90c4893a009f42709c706d9bd327403d9dc55 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 15 Jun 2023 12:57:01 +0000
Subject: [PATCH 44/71] vault 15.0.1.6.2

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 6c2f5407c6..4a18e97b50 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.1.6.1",
+    "version": "15.0.1.6.2",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 7ac9139061de918c3779c5f8f69e5306091334ce Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Thu, 22 Jun 2023 17:55:30 +0200
Subject: [PATCH 45/71] vault, vault_share: Error on test

With the changes introduced on https://github.com/odoo/odoo/commit/a251b14f017b35899663d30a1b38cb75a41cdb1b#diff-99de14b6e0a411718ac3adaaf779395155841c7ca9d95fa258369656dae63d18
the tests of vault and vault_share are failing.
---
 vault/tests/test_controller.py  | 2 +-
 vault_share/tests/test_share.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
index 1d853ecea7..2439b7b4c0 100644
--- a/vault/tests/test_controller.py
+++ b/vault/tests/test_controller.py
@@ -55,7 +55,7 @@ def return_context(template, context):
             return context
 
         with MockRequest(self.env) as request_mock:
-            request_mock.render.side_effect = return_context
+            request_mock.render = return_context
             response = self.controller.vault_inbox("")
             self.assertIn("error", response)
 
diff --git a/vault_share/tests/test_share.py b/vault_share/tests/test_share.py
index bc8ecc4908..1627b660ed 100644
--- a/vault_share/tests/test_share.py
+++ b/vault_share/tests/test_share.py
@@ -59,7 +59,7 @@ def return_context(template, context):
             return context
 
         with MockRequest(self.env) as request_mock:
-            request_mock.render.side_effect = return_context
+            request_mock.render = return_context
             controller = main.Controller()
 
             response = controller.vault_share("")

From ed419cd6cea3b741286f534fa56104b328acd004 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Mon, 26 Jun 2023 08:29:27 +0000
Subject: [PATCH 46/71] vault_share 15.0.1.1.1

---
 vault_share/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
index 9d3f4e693b..5af9ada04d 100644
--- a/vault_share/__manifest__.py
+++ b/vault_share/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault - Share",
     "summary": "Implementation of a mechanism to share secrets",
     "license": "AGPL-3",
-    "version": "15.0.1.1.0",
+    "version": "15.0.1.1.1",
     "website": "https://github.com/OCA/server-auth",
     "application": False,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From a95dd8aa26f3829fd1d833d4a0523da295f6fa5a Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Mon, 26 Jun 2023 08:29:28 +0000
Subject: [PATCH 47/71] vault 15.0.1.6.3

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 4a18e97b50..1f3d16c9f0 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.1.6.2",
+    "version": "15.0.1.6.3",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 2714549479c37eb2a0784248437c33ba2d804074 Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Mon, 26 Jun 2023 13:16:27 +0200
Subject: [PATCH 48/71] vault: Error thrown when attempting to remove a right
 from a vault with more than 2 defined rigths.

Before the patch, an error would occur when clicking on OK after warning about key re-encryption. This is because the public_key field of user rights other than the one initiating the deletion is not available.

After the patch, the public_key field is computed, and therefore, when re-encrypting, the error no longer occurs.
---
 vault/models/res_users.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/models/res_users.py b/vault/models/res_users.py
index 5fd4b35b5c..ecf5d3c91e 100644
--- a/vault/models/res_users.py
+++ b/vault/models/res_users.py
@@ -27,7 +27,7 @@ class ResUsers(models.Model):
     @api.depends("keys", "keys.current")
     def _compute_active_key(self):
         for rec in self:
-            keys = rec.keys.filtered("current")
+            keys = rec.sudo().keys.filtered("current")
             rec.active_key = keys[0] if keys else None
 
     @api.depends("inbox_token")

From 0d9dc4c014a01ce4d3fa6fcc8b74386a07ec1859 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Mon, 26 Jun 2023 13:46:05 +0000
Subject: [PATCH 49/71] vault 15.0.1.6.4

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 1f3d16c9f0..682a217b6b 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.1.6.3",
+    "version": "15.0.1.6.4",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From b2f2f52d5c515e37a60d5dbadb91fdbd556a6394 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Fri, 14 Jul 2023 16:13:27 +0200
Subject: [PATCH 50/71] vault: Vault re-encryption in a single transaction. Add
 copy support for vault.entry

vault: Ensure that the keys are loaded before blocking UI

vault: Button to verify and re-encrypt a vault. Right deletion only flags the vault. Unittests
---
 vault/controllers/main.py                   |  20 ++
 vault/models/abstract_vault_field.py        |   4 +
 vault/models/vault.py                       |   1 +
 vault/models/vault_entry.py                 |  24 ++-
 vault/models/vault_right.py                 |   1 +
 vault/static/src/legacy/vault_controller.js | 200 +++++++++-----------
 vault/tests/test_controller.py              |  33 ++++
 vault/tests/test_rights.py                  |  13 ++
 vault/views/vault_views.xml                 |  18 ++
 9 files changed, 203 insertions(+), 111 deletions(-)

diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index 1dea23f710..c7ec7e70a8 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -126,3 +126,23 @@ def vault_store_right_keys(self, keys):
 
             if isinstance(master_key, str):
                 right.sudo().key = master_key
+
+    @http.route("/vault/replace", auth="user", type="json")
+    def vault_replace(self, data):
+        """Replace the master keys and values within a single transaction"""
+        if not isinstance(data, list):
+            return
+
+        vault = request.env["vault"].with_context(vault_skip_log=True)
+        for changes in data:
+            record = vault.env[changes["model"]].browse(changes["id"])
+            vault |= record.vault_id
+            if record._name in ("vault.field", "vault.file"):
+                record.write({k: v for k, v in changes.items() if k in ["iv", "value"]})
+            elif record._name == "vault.right":
+                record.write({k: v for k, v in changes.items() if k in ["key"]})
+
+        for v in vault:
+            v._log_entry("Replaced the keys", "info")
+
+        vault.sudo().write({"reencrypt_required": False})
diff --git a/vault/models/abstract_vault_field.py b/vault/models/abstract_vault_field.py
index d819a32f91..65c42ca55b 100644
--- a/vault/models/abstract_vault_field.py
+++ b/vault/models/abstract_vault_field.py
@@ -13,6 +13,7 @@ class AbstractVaultField(models.AbstractModel):
     _description = _("Abstract model to implement basic fields for encryption")
 
     entry_id = fields.Many2one("vault.entry", ondelete="cascade", required=True)
+    entry_name = fields.Char(related="entry_id.complete_name")
     vault_id = fields.Many2one(related="entry_id.vault_id")
     master_key = fields.Char(compute="_compute_master_key", store=False)
 
@@ -33,6 +34,9 @@ def _compute_master_key(self):
 
     def log_change(self, action):
         self.ensure_one()
+        if self.env.context.get("vault_skip_log"):
+            return
+
         self.entry_id.log_info(
             f"{action} value {self.name} of {self.entry_id.complete_name} "
             f"by {self.env.user.display_name}"
diff --git a/vault/models/vault.py b/vault/models/vault.py
index da6293792d..8d6064c51e 100644
--- a/vault/models/vault.py
+++ b/vault/models/vault.py
@@ -32,6 +32,7 @@ class Vault(models.Model):
     field_ids = fields.One2many("vault.field", "vault_id", "Fields")
     file_ids = fields.One2many("vault.file", "vault_id", "Files")
     log_ids = fields.One2many("vault.log", "vault_id", "Log", readonly=True)
+    reencrypt_required = fields.Boolean(default=False)
 
     # Access control
     perm_user = fields.Many2one("res.users", compute="_compute_access", store=False)
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
index 94abeeb68a..03677f0359 100644
--- a/vault/models/vault_entry.py
+++ b/vault/models/vault_entry.py
@@ -46,7 +46,7 @@ class VaultEntry(models.Model):
         readonly=True,
         recursive=True,
     )
-    uuid = fields.Char(default=lambda self: uuid4(), required=True)
+    uuid = fields.Char(default=lambda self: uuid4(), required=True, copy=False)
     name = fields.Char(required=True)
     url = fields.Char()
     note = fields.Text()
@@ -98,6 +98,25 @@ def search_read(self, domain=None, fields=None, offset=0, limit=None, order=None
             domain=domain, fields=fields, offset=offset, limit=limit, order=order
         )
 
+    def copy_data(self, default=None):
+        self.ensure_one()
+
+        if default is None:
+            default = {}
+
+        if "name" not in default:
+            default["name"] = _("%s (copy)", self.name)
+
+        if "field_ids" not in default:
+            default["field_ids"] = [
+                (0, 0, field.copy_data()[0]) for field in self.field_ids
+            ]
+        if "file_ids" not in default:
+            default["file_ids"] = [
+                (0, 0, field.copy_data()[0]) for field in self.file_ids
+            ]
+        return super().copy_data(default)
+
     @api.depends("name", "complete_name")
     def _compute_display_name(self):
         if not self.env.context.get("entry_short_name", False):
@@ -122,6 +141,9 @@ def _search_expired(self, operator, value):
 
     def log_change(self, action):
         self.ensure_one()
+        if self.env.context.get("vault_skip_log"):
+            return
+
         self.log_info(
             _("%(action)s entry %(name)s by %(user)s")
             % {
diff --git a/vault/models/vault_right.py b/vault/models/vault_right.py
index 20b1684814..287a69961b 100644
--- a/vault/models/vault_right.py
+++ b/vault/models/vault_right.py
@@ -106,5 +106,6 @@ def write(self, values):
     def unlink(self):
         for rec in self:
             rec.vault_id.log_info(f"Removed user {self.user_id.display_name}")
+            rec.vault_id.reencrypt_required = True
 
         return super().unlink()
diff --git a/vault/static/src/legacy/vault_controller.js b/vault/static/src/legacy/vault_controller.js
index 99d2fdc403..4b4f6d45f4 100644
--- a/vault/static/src/legacy/vault_controller.js
+++ b/vault/static/src/legacy/vault_controller.js
@@ -7,6 +7,7 @@ odoo.define("vault.controller", function (require) {
     var core = require("web.core");
     var Dialog = require("web.Dialog");
     var FormController = require("web.FormController");
+    var framework = require("web.framework");
     var Importer = require("vault.import");
     var utils = require("vault.utils");
     var vault = require("vault");
@@ -14,6 +15,11 @@ odoo.define("vault.controller", function (require) {
     var _t = core._t;
 
     FormController.include({
+        events: _.extend({}, FormController.prototype.events, {
+            "click [name='vault_reencrypt']": "_clickReencryptVault",
+            "click [name='vault_verify']": "_clickVerifyVault",
+        }),
+
         /**
          * Re-encrypt the key if the user is getting selected
          *
@@ -186,62 +192,42 @@ odoo.define("vault.controller", function (require) {
             }
         },
 
+        _clickReencryptVault: async function () {
+            await this._reencryptVault(false, true);
+        },
+
+        _clickVerifyVault: async function () {
+            await this._reencryptVault(true, false);
+        },
+
         /**
          * Handle the deletion of a vault.right field in the vault view properly by
          * generating a new master key and re-encrypting everything in the vault to
          * deny any future access to the vault.
          *
          * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
+         * @param {Boolean} verify
+         * @param {Boolean} force
          */
-        _deleteVaultRight: async function (record, changes, options) {
+        _reencryptVault: async function (verify = false, force = false) {
+            const record = this.model.get(this.handle);
+
+            await vault._ensure_keys();
+
             const self = this;
             const master_key = await utils.generate_key();
             const current_key = await vault.unwrap(record.data.master_key);
 
-            // We only need to re-encrypt once per iteration
-            if (this._vault_changes) return;
-
             // This stores the additional changes made to rights, fields, and files
-            this._vault_changes = [];
-
-            // Convert the datapoint IDs to database IDs because we are loading
-            const deleted = [];
-            for (const right_id of changes.ids) {
-                const rec = await this.model.get(right_id, {raw: true});
-                deleted.push(rec.res_id);
-            }
-
-            // Update the rights. Load without limit
-            const right_handle = await this.model.load({
-                domain: [["vault_id", "=", record.res_id]],
-                fields: ["key"],
-                modelName: "vault.right",
-                limit: 0,
-                type: "list",
-            });
-
-            const rights = await this.model.get(right_handle, {raw: true});
-            for (const right of rights.data) {
-                if (deleted.indexOf(right.res_id) < 0) {
-                    const key = await vault.wrap_with(
-                        master_key,
-                        right.data.public_key
-                    );
-
-                    await this._applyChanges(right.id, {key: key}, options);
-                }
-                this._vault_changes.push(right.id);
-            }
+            const changes = [];
+            const problems = [];
 
-            async function reencrypt(model) {
+            async function reencrypt(model, type) {
                 // Load the entire data from the database
                 const handle = await self.model.load({
                     context: {vault_reencrypt: true},
                     domain: [["vault_id", "=", record.res_id]],
-                    fields: ["iv", "value"],
+                    fields: ["iv", "value", "name", "entry_name"],
                     modelName: model,
                     limit: 0,
                     type: "list",
@@ -253,21 +239,77 @@ odoo.define("vault.controller", function (require) {
 
                     const d = rec.data;
                     const val = await utils.sym_decrypt(current_key, d.value, d.iv);
+                    if (val === null) {
+                        problems.push(
+                            _.str.sprintf(
+                                _t("%s '%s' of entry '%s'"),
+                                type,
+                                d.name,
+                                d.entry_name
+                            )
+                        );
+                        continue;
+                    }
+
                     const iv = utils.generate_iv_base64();
                     const encrypted = await utils.sym_encrypt(master_key, val, iv);
 
-                    await self._applyChanges(
-                        rec.id,
-                        {value: encrypted, iv: iv},
-                        options
-                    );
-                    self._vault_changes.push(rec.id);
+                    changes.push({
+                        id: rec.res_id,
+                        model: model,
+                        value: encrypted,
+                        iv: iv,
+                    });
                 }
             }
 
-            // Re-encrypt vault.field and vault.file
-            await reencrypt("vault.field");
-            await reencrypt("vault.file");
+            framework.blockUI();
+            try {
+                // Update the rights. Load without limit
+                const right_handle = await this.model.load({
+                    domain: [["vault_id", "=", record.res_id]],
+                    fields: ["key"],
+                    modelName: "vault.right",
+                    limit: 0,
+                    type: "list",
+                });
+
+                const rights = await this.model.get(right_handle, {raw: true});
+                for (const right of rights.data) {
+                    const key = await vault.wrap_with(
+                        master_key,
+                        right.data.public_key
+                    );
+
+                    changes.push({
+                        id: right.res_id,
+                        model: "vault.right",
+                        key: key,
+                    });
+                }
+
+                // Re-encrypt vault.field and vault.file
+                await reencrypt("vault.field", "Field");
+                await reencrypt("vault.file", "File");
+
+                if (problems && !force) {
+                    framework.unblockUI();
+
+                    Dialog.alert(self, "", {
+                        title: _t("The following entries are broken:"),
+                        $content: $("<div/>").html(problems.join("<br>\n")),
+                    });
+                }
+
+                if (!verify) {
+                    await this._rpc({
+                        route: "/vault/replace",
+                        params: {data: changes},
+                    });
+                }
+            } finally {
+                framework.unblockUI();
+            }
         },
 
         /**
@@ -287,28 +329,6 @@ odoo.define("vault.controller", function (require) {
 
             if (changes.right_ids && changes.right_ids.operation === "UPDATE")
                 await this._changedVaultRightUser(record, changes.right_ids, options);
-
-            if (changes.right_ids && changes.right_ids.operation === "DELETE") {
-                const self = this;
-
-                if (this._vault_changes) return;
-
-                Dialog.confirm(
-                    self,
-                    _t(
-                        "This will re-encrypt everything in the vault. Do you want to proceed?"
-                    ),
-                    {
-                        confirm_callback: async function () {
-                            await self._deleteVaultRight(
-                                record,
-                                changes.right_ids,
-                                options
-                            );
-                        },
-                    }
-                );
-            }
         },
 
         /**
@@ -364,45 +384,5 @@ odoo.define("vault.controller", function (require) {
 
             return result;
         },
-
-        /**
-         * Check if there are additional changes made which needs to be pushed to
-         * the database
-         *
-         * @override
-         * @param {String} recordID
-         * @param {Object} options
-         */
-        saveRecord: async function (recordID, options) {
-            const res = await this._super(...arguments);
-            if (this.modelName !== "vault") return res;
-
-            if (!this._vault_changes) return res;
-
-            const opts = _.defaults(options || {}, {savePoint: false});
-
-            // Apply the changes to rights, fields, and files
-            const changes = this._vault_changes.slice();
-            this._vault_changes = [];
-            for (const rec_id of changes)
-                await this.model.save(rec_id, {
-                    reload: false,
-                    savePoint: opts.savePoint,
-                });
-            return res;
-        },
-
-        /**
-         * Invalidate the additional vault changes
-         *
-         * @override
-         */
-        _discardChanges: async function () {
-            const res = await this._super(...arguments);
-            if (this.modelName !== "vault") return res;
-
-            this._vault_changes = [];
-            return res;
-        },
     });
 });
diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
index 2439b7b4c0..adb0f5c947 100644
--- a/vault/tests/test_controller.py
+++ b/vault/tests/test_controller.py
@@ -124,6 +124,39 @@ def test_vault_public(self):
             response = self.controller.vault_public(user_id=self.user.id)
             self.assertEqual(response["public_key"], self.key.public)
 
+    @mute_logger("odoo.sql_db")
+    def test_vault_replace(self):
+        with MockRequest(self.env):
+            vault = self.env["vault"].create({"name": "Vault"})
+            right = vault.right_ids[:1]
+            entry = self.env["vault.entry"].create(
+                {"name": "Test Entry", "vault_id": vault.id}
+            )
+            field = self.env["vault.field"].create(
+                {"entry_id": entry.id, "name": "Test", "value": "hello"}
+            )
+            file = self.env["vault.file"].create(
+                {"entry_id": entry.id, "name": "Test", "value": b"hello"}
+            )
+            right.write({"key": "invalid"})
+
+            self.controller.vault_replace(None)
+            self.assertEqual(field.value, "hello")
+            self.assertEqual(file.value, b"hello")
+
+            vault.reencrypt_required = True
+            self.controller.vault_replace(
+                [
+                    {"model": field._name, "id": field.id, "value": "test"},
+                    {"model": file._name, "id": file.id, "value": "test"},
+                    {"model": right._name, "id": right.id, "key": "changed"},
+                ]
+            )
+            self.assertEqual(field.value, "test")
+            self.assertEqual(file.value, b"test")
+            self.assertEqual(right.key, "changed")
+            self.assertFalse(vault.reencrypt_required)
+
     @mute_logger("odoo.sql_db")
     def test_vault_store(
         self,
diff --git a/vault/tests/test_rights.py b/vault/tests/test_rights.py
index 12f83423df..3581a59b27 100644
--- a/vault/tests/test_rights.py
+++ b/vault/tests/test_rights.py
@@ -24,6 +24,19 @@ def setUp(self):
         )
         self.vault.right_ids.write({"key": "Owner"})
 
+    def test_vault_reencrypt(self):
+        right = self.env["vault.right"].create(
+            {
+                "vault_id": self.vault.id,
+                "user_id": self.user.id,
+                "perm_create": False,
+            }
+        )
+
+        assert not self.vault.reencrypt_required
+        right.unlink()
+        assert self.vault.reencrypt_required
+
     def test_public_key(self):
         key = self.env["res.users.key"].create(
             {
diff --git a/vault/views/vault_views.xml b/vault/views/vault_views.xml
index 1b775e05d8..ffeac239a2 100644
--- a/vault/views/vault_views.xml
+++ b/vault/views/vault_views.xml
@@ -49,6 +49,23 @@
                         name="action_open_export_wizard"
                         string="Export to file"
                     />
+                    <button
+                        type="object"
+                        name="action_open_export_wizard"
+                        string="Export to file"
+                    />
+                    <button name="vault_verify" string="Verify" />
+                    <button
+                        name="vault_reencrypt"
+                        string="Re-encrypt"
+                        attrs="{'invisible': [('reencrypt_required', '=', True)]}"
+                    />
+                    <button
+                        name="vault_reencrypt"
+                        string="Re-encrypt"
+                        class="oe_highlight"
+                        attrs="{'invisible': [('reencrypt_required', '=', False)]}"
+                    />
                 </header>
                 <sheet>
                     <div class="oe_button_box" name="button_box">
@@ -62,6 +79,7 @@
                     </div>
 
                     <group>
+                        <field name="reencrypt_required" invisible="1" />
                         <field name="allowed_share" invisible="1" />
                         <field name="allowed_write" invisible="1" />
                         <field name="allowed_create" invisible="1" />

From b1c78f3d0e91e8649fcbe00acd41cb08f37f86a5 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Tue, 18 Jul 2023 08:26:26 +0000
Subject: [PATCH 51/71] Update vault.pot

---
 vault/i18n/vault.pot | 45 +++++++++++++++++++++++++++++++++++++-------
 1 file changed, 38 insertions(+), 7 deletions(-)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index ba57380862..68936f5786 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -19,6 +19,19 @@ msgstr ""
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr ""
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "%s '%s' of entry '%s'"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%s (copy)"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
@@ -190,7 +203,10 @@ msgid "Close"
 msgstr ""
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_name
 #: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_name
 msgid "Complete Name"
 msgstr ""
 
@@ -944,6 +960,16 @@ msgstr ""
 msgid "Public Key"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Re-encrypt"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__reencrypt_required
+msgid "Reencrypt Required"
+msgstr ""
+
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_right
 #: model:ir.model.fields,field_description:vault.field_vault__right_ids
@@ -1100,6 +1126,13 @@ msgstr ""
 msgid "The files must end on one of the supported file type:"
 msgstr ""
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "The following entries are broken:"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
@@ -1128,13 +1161,6 @@ msgstr ""
 msgid "The user must be unique"
 msgstr ""
 
-#. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
-#, python-format
-msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
-msgstr ""
-
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__token
 msgid "Token"
@@ -1259,6 +1285,11 @@ msgstr ""
 msgid "Vaults"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Verify"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"

From f8f5c43695cbff32c1a6d2313db120c0d938e458 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Tue, 18 Jul 2023 08:30:31 +0000
Subject: [PATCH 52/71] vault 15.0.2.0.0

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 682a217b6b..1ac65636f8 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.1.6.4",
+    "version": "15.0.2.0.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From 3f66325952dc9e27f978ff0acd4171e8460c4564 Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Tue, 18 Jul 2023 08:30:42 +0000
Subject: [PATCH 53/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/
---
 vault/i18n/es.po | 50 ++++++++++++++++++++++++++++++-----
 vault/i18n/nl.po | 69 +++++++++++++++++++++++++++++++-----------------
 2 files changed, 88 insertions(+), 31 deletions(-)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index 6b8eef361d..e40a06fb24 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -23,6 +23,19 @@ msgstr ""
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr ""
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "%s '%s' of entry '%s'"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%s (copy)"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
@@ -194,7 +207,10 @@ msgid "Close"
 msgstr "Cerrar"
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_name
 #: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_name
 msgid "Complete Name"
 msgstr "Nombre completo"
 
@@ -944,6 +960,16 @@ msgstr "Público"
 msgid "Public Key"
 msgstr "Clave pública"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Re-encrypt"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__reencrypt_required
+msgid "Reencrypt Required"
+msgstr ""
+
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_right
 #: model:ir.model.fields,field_description:vault.field_vault__right_ids
@@ -1093,6 +1119,13 @@ msgstr "El campo está vacío, ¡no hay nada que guardar!"
 msgid "The files must end on one of the supported file type:"
 msgstr "Los archivos deben terminar en uno de los tipos de archivo admitidos:"
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "The following entries are broken:"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
@@ -1123,13 +1156,6 @@ msgstr "¡La etiqueta debe ser única!"
 msgid "The user must be unique"
 msgstr "El usuario debe ser único"
 
-#. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
-#, python-format
-msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
-msgstr "Esto volverá a encriptar todo en el vault. ¿Quieres proceder?"
-
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__token
 msgid "Token"
@@ -1257,6 +1283,11 @@ msgstr "Etiqueta de vault"
 msgid "Vaults"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Verify"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"
@@ -1331,6 +1362,11 @@ msgstr "a-z"
 msgid "or"
 msgstr "o"
 
+#, python-format
+#~ msgid ""
+#~ "This will re-encrypt everything in the vault. Do you want to proceed?"
+#~ msgstr "Esto volverá a encriptar todo en el vault. ¿Quieres proceder?"
+
 #, python-format
 #~ msgid "%s entry %s by %s"
 #~ msgstr "%s registrado %s por %s"
diff --git a/vault/i18n/nl.po b/vault/i18n/nl.po
index b66ea9de63..41fdb25347 100644
--- a/vault/i18n/nl.po
+++ b/vault/i18n/nl.po
@@ -22,6 +22,19 @@ msgstr ""
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr "%(action)s toegang %(name)s door %(user)s"
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "%s '%s' of entry '%s'"
+msgstr ""
+
+#. module: vault
+#: code:addons/vault/models/vault_entry.py:0
+#, python-format
+msgid "%s (copy)"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
@@ -154,7 +167,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
-#: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
@@ -166,7 +178,6 @@ msgstr "Annuleer"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
-#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
 msgstr "Geannuleerd"
@@ -194,7 +205,10 @@ msgid "Close"
 msgstr "Sluiten"
 
 #. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault_abstract_field__entry_name
 #: model:ir.model.fields,field_description:vault.field_vault_entry__complete_name
+#: model:ir.model.fields,field_description:vault.field_vault_field__entry_name
+#: model:ir.model.fields,field_description:vault.field_vault_file__entry_name
 msgid "Complete Name"
 msgstr "Volledige naam"
 
@@ -218,7 +232,6 @@ msgstr "Inhoud"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr "Kopiëren naar klembord"
@@ -337,7 +350,6 @@ msgstr "Download"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
-#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Enter"
 msgstr ""
@@ -478,7 +490,6 @@ msgstr "Fingerprint"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr "Genereer"
@@ -498,7 +509,6 @@ msgstr "Gegroepeerd"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr "Verbergen"
@@ -603,8 +613,6 @@ msgstr ""
 
 #. module: vault
 #: code:addons/vault/models/res_users_key.py:0
-#: code:addons/vault/models/res_users_key.py:0
-#: code:addons/vault/models/res_users_key.py:0
 #, python-format
 msgid "Invalid parameter"
 msgstr "Ongeldige parameter"
@@ -785,7 +793,6 @@ msgstr "Ontbrekende bestandsnaam"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
-#: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
 msgstr "Ontbrekend wachtwoord"
@@ -948,6 +955,16 @@ msgstr "Openbaar"
 msgid "Public Key"
 msgstr "Openbare sleutel"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Re-encrypt"
+msgstr ""
+
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_vault__reencrypt_required
+msgid "Reencrypt Required"
+msgstr ""
+
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_right
 #: model:ir.model.fields,field_description:vault.field_vault__right_ids
@@ -964,7 +981,6 @@ msgstr ""
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/legacy/vault_widget.js:0
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "Save As..."
 msgstr "Opslaan als..."
@@ -972,9 +988,6 @@ msgstr "Opslaan als..."
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Opslaan in een kluis"
@@ -1011,7 +1024,6 @@ msgstr "Verzenden"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr "Verzend het geheim naar een gebruiker"
@@ -1031,7 +1043,6 @@ msgstr "Delen"
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr "Toon"
@@ -1094,7 +1105,6 @@ msgstr "De UUID moet uniek zijn."
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/legacy/vault_widget.js:0
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr ""
@@ -1104,6 +1114,13 @@ msgstr ""
 msgid "The files must end on one of the supported file type:"
 msgstr ""
 
+#. module: vault
+#. openerp-web
+#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#, python-format
+msgid "The following entries are broken:"
+msgstr ""
+
 #. module: vault
 #. openerp-web
 #: code:addons/vault/static/src/common/utils.esm.js:0
@@ -1132,13 +1149,6 @@ msgstr "Het label moet uniek zijn!"
 msgid "The user must be unique"
 msgstr "De gebruiker moet uniek zijn"
 
-#. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
-#, python-format
-msgid "This will re-encrypt everything in the vault. Do you want to proceed?"
-msgstr "Dit zal alles in de kluis opnieuw versleutelen. Wil je doorgaan?"
-
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_inbox__token
 msgid "Token"
@@ -1263,6 +1273,11 @@ msgstr ""
 msgid "Vaults"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.view_vault_form
+msgid "Verify"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"
@@ -1309,7 +1324,8 @@ msgstr ""
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_send_wizard
 msgid ""
 "You can only send the secret to the user who has generated a key-pair.\n"
-"                        If an user is not showing please ask him to generate these."
+"                        If an user is not showing please ask him to generate "
+"these."
 msgstr ""
 
 #. module: vault
@@ -1331,3 +1347,8 @@ msgstr "a-z"
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_store_wizard
 msgid "or"
 msgstr "of"
+
+#, python-format
+#~ msgid ""
+#~ "This will re-encrypt everything in the vault. Do you want to proceed?"
+#~ msgstr "Dit zal alles in de kluis opnieuw versleutelen. Wil je doorgaan?"

From 61103108cfb8218cc1f76fbbc99fa065b0f696a0 Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Wed, 2 Aug 2023 10:33:48 +0200
Subject: [PATCH 54/71] vault: Add reload when finish the reencriptation to
 display updated data

---
 vault/static/src/legacy/vault_controller.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vault/static/src/legacy/vault_controller.js b/vault/static/src/legacy/vault_controller.js
index 4b4f6d45f4..93bfc2f094 100644
--- a/vault/static/src/legacy/vault_controller.js
+++ b/vault/static/src/legacy/vault_controller.js
@@ -306,6 +306,7 @@ odoo.define("vault.controller", function (require) {
                         route: "/vault/replace",
                         params: {data: changes},
                     });
+                    this.reload();
                 }
             } finally {
                 framework.unblockUI();

From 861158109cd0bc6337069664482a14cff7089739 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Wed, 2 Aug 2023 09:06:32 +0000
Subject: [PATCH 55/71] vault 15.0.2.0.1

---
 vault/__manifest__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 1ac65636f8..79d7c576ab 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.2.0.0",
+    "version": "15.0.2.0.1",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",

From b1234ab949d94c51eaa23948505bfa0d8abe9eae Mon Sep 17 00:00:00 2001
From: Carlos Roca Zaragoza <carlos.roca@tecnativa.com>
Date: Wed, 2 Aug 2023 08:41:07 +0000
Subject: [PATCH 56/71] Translated using Weblate (Spanish)

Currently translated at 96.3% (184 of 191 strings)

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/es/
---
 vault/i18n/es.po | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index e40a06fb24..dc8f80fe9c 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -7,15 +7,15 @@ msgstr ""
 "Project-Id-Version: Odoo Server 14.0\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2022-06-06 06:57+0000\n"
-"PO-Revision-Date: \n"
-"Last-Translator: \n"
+"PO-Revision-Date: 2023-08-02 11:09+0000\n"
+"Last-Translator: Carlos Roca Zaragoza <carlos.roca@tecnativa.com>\n"
 "Language-Team: \n"
 "Language: es\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Poedit 2.3\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.17\n"
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
@@ -28,13 +28,13 @@ msgstr ""
 #: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "%s '%s' of entry '%s'"
-msgstr ""
+msgstr "%s '%s' del registro '%s'"
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%s (copy)"
-msgstr ""
+msgstr "%s (copia)"
 
 #. module: vault
 #. openerp-web
@@ -241,7 +241,7 @@ msgstr "Copiar al portapapeles"
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_right__perm_create
 msgid "Create"
-msgstr "Creat"
+msgstr "Crear"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__create_uid
@@ -342,7 +342,7 @@ msgstr "Nombre a mostrar"
 #: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
-msgstr "¿Realmente quieres crear un nuevo par de claves y activarlo?"
+msgstr "¿Realmente quiere crear un nuevo par de claves y activarlo?"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault_export_wizard__content
@@ -361,7 +361,7 @@ msgstr "Ingrese a"
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
-msgstr "Ingresa tu contraseña:"
+msgstr "Ingrese su contraseña:"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_open_entries
@@ -631,12 +631,12 @@ msgstr "Token inválido"
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 msgid "Invalidate private key"
-msgstr ""
+msgstr "Invalidar clave privada"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iterations
 msgid "Iterations"
-msgstr "Iterations"
+msgstr "Iteraciones"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__iv
@@ -963,12 +963,12 @@ msgstr "Clave pública"
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Re-encrypt"
-msgstr ""
+msgstr "Reencriptar"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_vault__reencrypt_required
 msgid "Reencrypt Required"
-msgstr ""
+msgstr "Necesita reencriptarse"
 
 #. module: vault
 #: model:ir.actions.act_window,name:vault.action_vault_right
@@ -1124,7 +1124,7 @@ msgstr "Los archivos deben terminar en uno de los tipos de archivo admitidos:"
 #: code:addons/vault/static/src/legacy/vault_controller.js:0
 #, python-format
 msgid "The following entries are broken:"
-msgstr ""
+msgstr "Los siguientes registros están rotos:"
 
 #. module: vault
 #. openerp-web
@@ -1347,6 +1347,8 @@ msgstr ""
 msgid ""
 "You will loose access to all vaults and your inbox. Do you want to continue?"
 msgstr ""
+"Perderá el acceso a todos sus vaults y a su bandeja de entrada. ¿Desea "
+"continuar?"
 
 #. module: vault
 #. openerp-web

From ba99da61db98b3a9c29fda686ae4aab2d0f4d49e Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Sun, 3 Sep 2023 16:33:26 +0000
Subject: [PATCH 57/71] README.rst

---
 vault/README.rst                          | 15 +++++----
 vault/static/description/index.html       | 38 ++++++++++++-----------
 vault_share/README.rst                    | 15 +++++----
 vault_share/static/description/index.html | 14 +++++----
 4 files changed, 46 insertions(+), 36 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 62a89242d3..569422ed24 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -2,10 +2,13 @@
 Vault
 =====
 
-.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:a1eb0ec5aec8e20cf1599460a548d1794fcb11a9e7a317fd9428ca4cd35d0b09
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
     :target: https://odoo-community.org/page/development-status
@@ -19,11 +22,11 @@ Vault
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
     :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault
     :alt: Translate me on Weblate
-.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
-    :target: https://runbot.odoo-community.org/runbot/251/15.0
-    :alt: Try me on Runbot
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=15.0
+    :alt: Try me on Runboat
 
-|badge1| |badge2| |badge3| |badge4| |badge5| 
+|badge1| |badge2| |badge3| |badge4| |badge5|
 
 This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.
 
@@ -61,7 +64,7 @@ Bug Tracker
 
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us smashing it by providing a detailed and welcomed
+If you spotted it first, help us to smash it by providing a detailed and welcomed
 `feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 6ca3dc7fde..e0a1f3f446 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -1,20 +1,20 @@
-<?xml version="1.0" encoding="utf-8" ?>
+<?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
 <title>Vault</title>
 <style type="text/css">
 
 /*
 :Author: David Goodger (goodger@python.org)
-:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
+:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
 :Copyright: This stylesheet has been placed in the public domain.
 
 Default cascading style sheet for the HTML output of Docutils.
 
-See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
 customize this style sheet.
 */
 
@@ -366,8 +366,10 @@ <h1 class="title">Vault</h1>
 <!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:a1eb0ec5aec8e20cf1599460a548d1794fcb11a9e7a317fd9428ca4cd35d0b09
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/15.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
 <p>This modules requires a secure context for the browser to work properly.</p>
@@ -375,18 +377,18 @@ <h1 class="title">Vault</h1>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
 <ul class="simple">
-<li><a class="reference internal" href="#known-issues-roadmap" id="id1">Known issues / Roadmap</a></li>
-<li><a class="reference internal" href="#bug-tracker" id="id2">Bug Tracker</a></li>
-<li><a class="reference internal" href="#credits" id="id3">Credits</a><ul>
-<li><a class="reference internal" href="#authors" id="id4">Authors</a></li>
-<li><a class="reference internal" href="#contributors" id="id5">Contributors</a></li>
-<li><a class="reference internal" href="#maintainers" id="id6">Maintainers</a></li>
+<li><a class="reference internal" href="#known-issues-roadmap" id="toc-entry-1">Known issues / Roadmap</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="toc-entry-2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="toc-entry-3">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="toc-entry-4">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="toc-entry-5">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="toc-entry-6">Maintainers</a></li>
 </ul>
 </li>
 </ul>
 </div>
 <div class="section" id="known-issues-roadmap">
-<h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
+<h1><a class="toc-backref" href="#toc-entry-1">Known issues / Roadmap</a></h1>
 <ul class="simple">
 <li>Field and file history for restoration</li>
 <li>Send secrets directly to an inbox within Odoo</li>
@@ -407,29 +409,29 @@ <h1><a class="toc-backref" href="#id1">Known issues / Roadmap</a></h1>
 </ul>
 </div>
 <div class="section" id="bug-tracker">
-<h1><a class="toc-backref" href="#id2">Bug Tracker</a></h1>
+<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us smashing it by providing a detailed and welcomed
+If you spotted it first, help us to smash it by providing a detailed and welcomed
 <a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>
 <div class="section" id="credits">
-<h1><a class="toc-backref" href="#id3">Credits</a></h1>
+<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
 <div class="section" id="authors">
-<h2><a class="toc-backref" href="#id4">Authors</a></h2>
+<h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
 <ul class="simple">
 <li>initOS GmbH</li>
 </ul>
 </div>
 <div class="section" id="contributors">
-<h2><a class="toc-backref" href="#id5">Contributors</a></h2>
+<h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
 <ul class="simple">
 <li>Florian Kantelberg &lt;<a class="reference external" href="mailto:florian.kantelberg&#64;initos.com">florian.kantelberg&#64;initos.com</a>&gt;</li>
 </ul>
 </div>
 <div class="section" id="maintainers">
-<h2><a class="toc-backref" href="#id6">Maintainers</a></h2>
+<h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
 <p>This module is maintained by the OCA.</p>
 <a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
diff --git a/vault_share/README.rst b/vault_share/README.rst
index 499ee5f481..d67eb4e4f5 100644
--- a/vault_share/README.rst
+++ b/vault_share/README.rst
@@ -2,10 +2,13 @@
 Vault - Share
 =============
 
-.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:862181a2970df8e6c6143d187b9f24e63434f9c444c014c899076101d749be59
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
     :target: https://odoo-community.org/page/development-status
@@ -19,11 +22,11 @@ Vault - Share
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
     :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share
     :alt: Translate me on Weblate
-.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
-    :target: https://runbot.odoo-community.org/runbot/251/15.0
-    :alt: Try me on Runbot
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=15.0
+    :alt: Try me on Runboat
 
-|badge1| |badge2| |badge3| |badge4| |badge5| 
+|badge1| |badge2| |badge3| |badge4| |badge5|
 
 This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.
 
@@ -42,7 +45,7 @@ Bug Tracker
 
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us smashing it by providing a detailed and welcomed
+If you spotted it first, help us to smash it by providing a detailed and welcomed
 `feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
diff --git a/vault_share/static/description/index.html b/vault_share/static/description/index.html
index 4b080257b0..dc79eb489c 100644
--- a/vault_share/static/description/index.html
+++ b/vault_share/static/description/index.html
@@ -1,20 +1,20 @@
-<?xml version="1.0" encoding="utf-8" ?>
+<?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
 <title>Vault - Share</title>
 <style type="text/css">
 
 /*
 :Author: David Goodger (goodger@python.org)
-:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
+:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
 :Copyright: This stylesheet has been placed in the public domain.
 
 Default cascading style sheet for the HTML output of Docutils.
 
-See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
 customize this style sheet.
 */
 
@@ -366,8 +366,10 @@ <h1 class="title">Vault - Share</h1>
 <!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:862181a2970df8e6c6143d187b9f24e63434f9c444c014c899076101d749be59
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/15.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/15.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.</p>
 <div class="section" id="share">
 <h1>Share</h1>
@@ -378,7 +380,7 @@ <h1>Share</h1>
 <h1>Bug Tracker</h1>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us smashing it by providing a detailed and welcomed
+If you spotted it first, help us to smash it by providing a detailed and welcomed
 <a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>

From 05d104fea2b3568e07b66623caa0257f11688a0f Mon Sep 17 00:00:00 2001
From: Carlos Roca <carlos.roca@tecnativa.com>
Date: Mon, 2 Oct 2023 15:18:17 +0200
Subject: [PATCH 58/71] vault: Add new groups to allow importing/exporting
 secrets

---
 vault/__manifest__.py                     |  1 +
 vault/models/res_config_settings.py       |  6 ++++++
 vault/security/vault_security.xml         | 13 +++++++++++++
 vault/views/res_config_settings_views.xml | 22 ++++++++++++++++++++++
 vault/views/vault_entry_views.xml         |  2 ++
 vault/views/vault_views.xml               |  7 ++-----
 6 files changed, 46 insertions(+), 5 deletions(-)
 create mode 100644 vault/security/vault_security.xml

diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 79d7c576ab..dcd66a5753 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -14,6 +14,7 @@
     "data": [
         "security/ir.model.access.csv",
         "security/ir_rule.xml",
+        "security/vault_security.xml",
         "views/res_config_settings_views.xml",
         "views/res_users_views.xml",
         "views/vault_entry_views.xml",
diff --git a/vault/models/res_config_settings.py b/vault/models/res_config_settings.py
index 00923c6c42..105571263f 100644
--- a/vault/models/res_config_settings.py
+++ b/vault/models/res_config_settings.py
@@ -8,3 +8,9 @@ class ResConfigSettings(models.TransientModel):
     _inherit = "res.config.settings"
 
     module_vault_share = fields.Boolean()
+    group_vault_export = fields.Boolean(
+        "Export Vaults", implied_group="vault.group_vault_export"
+    )
+    group_vault_import = fields.Boolean(
+        "Import Vaults", implied_group="vault.group_vault_import"
+    )
diff --git a/vault/security/vault_security.xml b/vault/security/vault_security.xml
new file mode 100644
index 0000000000..a810f29538
--- /dev/null
+++ b/vault/security/vault_security.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <record id="group_vault_export" model="res.groups">
+        <field name="name">Allow to export vaults</field>
+        <field name="category_id" ref="base.module_category_hidden" />
+        <field name="users" eval="[(4, ref('base.user_admin'))]" />
+    </record>
+    <record id="group_vault_import" model="res.groups">
+        <field name="name">Allow to import vaults</field>
+        <field name="category_id" ref="base.module_category_hidden" />
+        <field name="users" eval="[(4, ref('base.user_admin'))]" />
+    </record>
+</odoo>
diff --git a/vault/views/res_config_settings_views.xml b/vault/views/res_config_settings_views.xml
index e71d94452c..691a50ee08 100644
--- a/vault/views/res_config_settings_views.xml
+++ b/vault/views/res_config_settings_views.xml
@@ -19,6 +19,28 @@
                             </div>
                         </div>
                     </div>
+                    <div class="col-xs-12 col-md-6 o_setting_box" id="vault_share">
+                        <div class="o_setting_left_pane">
+                            <field name="group_vault_import" />
+                        </div>
+                        <div class="o_setting_right_pane">
+                            <label for="group_vault_import" />
+                            <div class="text-muted">
+                                Allow all users to import vaults accessible to them
+                            </div>
+                        </div>
+                    </div>
+                    <div class="col-xs-12 col-md-6 o_setting_box" id="vault_share">
+                        <div class="o_setting_left_pane">
+                            <field name="group_vault_export" />
+                        </div>
+                        <div class="o_setting_right_pane">
+                            <label for="group_vault_export" />
+                            <div class="text-muted">
+                                Allow all users to export vaults accessible to them
+                            </div>
+                        </div>
+                    </div>
                 </div>
             </div>
         </field>
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index a5b444a79f..738f520252 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -32,11 +32,13 @@
                         type="object"
                         name="action_open_import_wizard"
                         string="Import from file"
+                        groups="vault.group_vault_import"
                     />
                     <button
                         type="object"
                         name="action_open_export_wizard"
                         string="Export to file"
+                        groups="vault.group_vault_export"
                     />
                 </header>
                 <sheet>
diff --git a/vault/views/vault_views.xml b/vault/views/vault_views.xml
index ffeac239a2..00e4271fbe 100644
--- a/vault/views/vault_views.xml
+++ b/vault/views/vault_views.xml
@@ -43,16 +43,13 @@
                         type="object"
                         name="action_open_import_wizard"
                         string="Import from file"
+                        groups="vault.group_vault_import"
                     />
                     <button
                         type="object"
                         name="action_open_export_wizard"
                         string="Export to file"
-                    />
-                    <button
-                        type="object"
-                        name="action_open_export_wizard"
-                        string="Export to file"
+                        groups="vault.group_vault_export"
                     />
                     <button name="vault_verify" string="Verify" />
                     <button

From 75d5776a6ffe136c79541b639891b6a480b1dad3 Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Wed, 4 Oct 2023 17:49:16 +0000
Subject: [PATCH 59/71] Update vault.pot

---
 vault/i18n/vault.pot | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 68936f5786..13361095c5 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -69,6 +69,16 @@ msgstr ""
 msgid "All Entries"
 msgstr ""
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to export vaults accessible to them"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to import vaults accessible to them"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
 msgid "Allow the usage to share secrets with external users"
@@ -84,6 +94,16 @@ msgstr ""
 msgid "Allow to delete a vault"
 msgstr ""
 
+#. module: vault
+#: model:res.groups,name:vault.group_vault_export
+msgid "Allow to export vaults"
+msgstr ""
+
+#. module: vault
+#: model:res.groups,name:vault.group_vault_import
+msgid "Allow to import vaults"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_right__perm_share
 msgid "Allow to share a vault with new users"
@@ -408,6 +428,11 @@ msgstr ""
 msgid "Expires on"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_export
+msgid "Export Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
@@ -549,6 +574,11 @@ msgstr ""
 msgid "Import"
 msgstr ""
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_import
+msgid "Import Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0

From d4692b4ae36ac3ea5db81361843eb799eed0b675 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Wed, 4 Oct 2023 17:53:09 +0000
Subject: [PATCH 60/71] post-merge updates

---
 vault/README.rst                    | 2 +-
 vault/__manifest__.py               | 2 +-
 vault/static/description/index.html | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 569422ed24..1848e73c9c 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -7,7 +7,7 @@ Vault
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:a1eb0ec5aec8e20cf1599460a548d1794fcb11a9e7a317fd9428ca4cd35d0b09
+   !! source digest: sha256:e0b69ed2cd488c2635fec51457c0cb50c1bbd628cc768e68cd8d1d80c944ce2e
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index dcd66a5753..09eb85ea28 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.2.0.1",
+    "version": "15.0.2.1.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index e0a1f3f446..4cc4272298 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -367,7 +367,7 @@ <h1 class="title">Vault</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:a1eb0ec5aec8e20cf1599460a548d1794fcb11a9e7a317fd9428ca4cd35d0b09
+!! source digest: sha256:e0b69ed2cd488c2635fec51457c0cb50c1bbd628cc768e68cd8d1d80c944ce2e
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
 <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>

From 461467d9a4243257478a3b4b9614d46980afb6aa Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Mon, 9 Oct 2023 21:35:18 +0000
Subject: [PATCH 61/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/
---
 vault_share/i18n/nl.po | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/vault_share/i18n/nl.po b/vault_share/i18n/nl.po
index 09968ce8c6..5ea11a1ac3 100644
--- a/vault_share/i18n/nl.po
+++ b/vault_share/i18n/nl.po
@@ -159,9 +159,6 @@ msgstr ""
 #. module: vault_share
 #. openerp-web
 #: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Opslaan in een kluis"
@@ -196,7 +193,6 @@ msgstr "Deel het geheim"
 #. module: vault_share
 #. openerp-web
 #: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
 #, python-format
 msgid "Share the secret with an external user"
 msgstr "Het geheim delen met een externe gebruiker"

From 56a7fd5c4383803b217d5618f04cd1c6480c89f2 Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Tue, 10 Oct 2023 05:35:53 +0000
Subject: [PATCH 62/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/
---
 vault/i18n/es.po | 30 ++++++++++++++++++++++++++++++
 vault/i18n/nl.po | 30 ++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index dc8f80fe9c..d3f7e543a7 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -73,6 +73,16 @@ msgstr "Clave activa"
 msgid "All Entries"
 msgstr "Todos los registros"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to export vaults accessible to them"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to import vaults accessible to them"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
 msgid "Allow the usage to share secrets with external users"
@@ -88,6 +98,16 @@ msgstr "Permitir crear en el vault"
 msgid "Allow to delete a vault"
 msgstr "Permitir borrar un vault"
 
+#. module: vault
+#: model:res.groups,name:vault.group_vault_export
+msgid "Allow to export vaults"
+msgstr ""
+
+#. module: vault
+#: model:res.groups,name:vault.group_vault_import
+msgid "Allow to import vaults"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_right__perm_share
 msgid "Allow to share a vault with new users"
@@ -410,6 +430,11 @@ msgstr "Expirado"
 msgid "Expires on"
 msgstr "Expira en"
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_export
+msgid "Export Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
@@ -552,6 +577,11 @@ msgstr ""
 msgid "Import"
 msgstr "Importar"
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_import
+msgid "Import Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
diff --git a/vault/i18n/nl.po b/vault/i18n/nl.po
index 41fdb25347..f68e2479c0 100644
--- a/vault/i18n/nl.po
+++ b/vault/i18n/nl.po
@@ -72,6 +72,16 @@ msgstr "Actieve sleutel"
 msgid "All Entries"
 msgstr "Alle invoeren"
 
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to export vaults accessible to them"
+msgstr ""
+
+#. module: vault
+#: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
+msgid "Allow all users to import vaults accessible to them"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
 msgid "Allow the usage to share secrets with external users"
@@ -87,6 +97,16 @@ msgstr ""
 msgid "Allow to delete a vault"
 msgstr ""
 
+#. module: vault
+#: model:res.groups,name:vault.group_vault_export
+msgid "Allow to export vaults"
+msgstr ""
+
+#. module: vault
+#: model:res.groups,name:vault.group_vault_import
+msgid "Allow to import vaults"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_right__perm_share
 msgid "Allow to share a vault with new users"
@@ -408,6 +428,11 @@ msgstr "Verlopen"
 msgid "Expires on"
 msgstr "Verloopt op"
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_export
+msgid "Export Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
@@ -547,6 +572,11 @@ msgstr ""
 msgid "Import"
 msgstr "Import"
 
+#. module: vault
+#: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_import
+msgid "Import Vaults"
+msgstr ""
+
 #. module: vault
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0

From d73a782168229782f40243980bfb932c7d8da887 Mon Sep 17 00:00:00 2001
From: Ivorra78 <informatica@totmaterial.es>
Date: Mon, 30 Oct 2023 19:10:17 +0000
Subject: [PATCH 63/71] Translated using Weblate (Spanish)

Currently translated at 100.0% (47 of 47 strings)

Translation: server-auth-15.0/server-auth-15.0-vault_share
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share/es/
---
 vault_share/i18n/es.po | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/vault_share/i18n/es.po b/vault_share/i18n/es.po
index 4750864d5f..a73a93b1cb 100644
--- a/vault_share/i18n/es.po
+++ b/vault_share/i18n/es.po
@@ -7,8 +7,8 @@ msgstr ""
 "Project-Id-Version: Odoo Server 13.0\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2022-06-06 07:44+0000\n"
-"PO-Revision-Date: 2023-06-13 11:09+0000\n"
-"Last-Translator: Víctor Martínez <victor.martinez@tecnativa.com>\n"
+"PO-Revision-Date: 2023-10-30 21:37+0000\n"
+"Last-Translator: Ivorra78 <informatica@totmaterial.es>\n"
 "Language-Team: \n"
 "Language: es\n"
 "MIME-Version: 1.0\n"
@@ -157,7 +157,7 @@ msgstr "Pin"
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
 msgid "Salt"
-msgstr ""
+msgstr "Sal"
 
 #. module: vault_share
 #. openerp-web
@@ -245,13 +245,13 @@ msgstr "El secreto ha expirado"
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
 msgid "The share was accessed by %(name)s via %(ip)s"
-msgstr ""
+msgstr "%(name)s ha accedido a la acción a través de %(ip)s"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #, python-format
 msgid "The share was created by %(name)s"
-msgstr ""
+msgstr "La acción fue creada por %(name)s"
 
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_vault_share__token
@@ -271,21 +271,21 @@ msgstr "Utilizando este enlace y el pin la gente puede acceder al secreto."
 #. module: vault_share
 #: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
 msgid "Vault Share Delay"
-msgstr ""
+msgstr "Retraso de la Acción de la Bóveda"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share_log.py:0
 #: model:ir.model,name:vault_share.model_vault_share_log
 #, python-format
 msgid "Vault share log"
-msgstr ""
+msgstr "Registro de compartición de la bóveda"
 
 #. module: vault_share
 #: code:addons/vault_share/models/vault_share.py:0
 #: model:ir.model,name:vault_share.model_vault_share
 #, python-format
 msgid "Vault share outgoing secrets"
-msgstr ""
+msgstr "La bóveda comparte secretos de salida"
 
 #, python-format
 #~ msgid "The share was accessed by %s via %s"

From 66b399ec35af7544d8686e5df2e0bb59a0307120 Mon Sep 17 00:00:00 2001
From: Ivorra78 <informatica@totmaterial.es>
Date: Tue, 31 Oct 2023 18:20:03 +0000
Subject: [PATCH 64/71] Translated using Weblate (Spanish)

Currently translated at 100.0% (197 of 197 strings)

Translation: server-auth-15.0/server-auth-15.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault/es/
---
 vault/i18n/es.po | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index d3f7e543a7..b6682a9784 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -7,8 +7,8 @@ msgstr ""
 "Project-Id-Version: Odoo Server 14.0\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2022-06-06 06:57+0000\n"
-"PO-Revision-Date: 2023-08-02 11:09+0000\n"
-"Last-Translator: Carlos Roca Zaragoza <carlos.roca@tecnativa.com>\n"
+"PO-Revision-Date: 2023-10-31 20:36+0000\n"
+"Last-Translator: Ivorra78 <informatica@totmaterial.es>\n"
 "Language-Team: \n"
 "Language: es\n"
 "MIME-Version: 1.0\n"
@@ -21,7 +21,7 @@ msgstr ""
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%(action)s entry %(name)s by %(user)s"
-msgstr ""
+msgstr "%(action)s entrada %(name)s por %(user)s"
 
 #. module: vault
 #. openerp-web
@@ -76,12 +76,12 @@ msgstr "Todos los registros"
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
 msgid "Allow all users to export vaults accessible to them"
-msgstr ""
+msgstr "Permitir que todos los usuarios exporten bóvedas accesibles para ellos"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
 msgid "Allow all users to import vaults accessible to them"
-msgstr ""
+msgstr "Permitir que todos los usuarios importen bóvedas accesibles para ellos"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.res_config_settings_view_form
@@ -101,12 +101,12 @@ msgstr "Permitir borrar un vault"
 #. module: vault
 #: model:res.groups,name:vault.group_vault_export
 msgid "Allow to export vaults"
-msgstr ""
+msgstr "Permitir exportar bóvedas"
 
 #. module: vault
 #: model:res.groups,name:vault.group_vault_import
 msgid "Allow to import vaults"
-msgstr ""
+msgstr "Permitir importar bóvedas"
 
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_right__perm_share
@@ -286,7 +286,7 @@ msgstr "Creado por"
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Created by %(name)s via %(ip)s"
-msgstr ""
+msgstr "Creado por %(name)s a través de %(ip)s"
 
 #. module: vault
 #: code:addons/vault/wizards/vault_send_wizard.py:0
@@ -433,7 +433,7 @@ msgstr "Expira en"
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_export
 msgid "Export Vaults"
-msgstr ""
+msgstr "Exportar bóvedas"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -580,7 +580,7 @@ msgstr "Importar"
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_config_settings__group_vault_import
 msgid "Import Vaults"
-msgstr ""
+msgstr "Importar bóvedas"
 
 #. module: vault
 #: code:addons/vault/models/vault.py:0
@@ -1011,7 +1011,7 @@ msgstr "Derechos"
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__salt
 msgid "Salt"
-msgstr ""
+msgstr "Sal"
 
 #. module: vault
 #. openerp-web
@@ -1268,7 +1268,7 @@ msgstr "Valor"
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 #, python-format
 msgid "Vault"
-msgstr "Vault"
+msgstr "Bóveda"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
@@ -1311,17 +1311,17 @@ msgstr "Etiqueta de vault"
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_search
 msgid "Vaults"
-msgstr ""
+msgstr "Bóvedas"
 
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_form
 msgid "Verify"
-msgstr ""
+msgstr "Verificar"
 
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users_key__version
 msgid "Version"
-msgstr ""
+msgstr "Versión"
 
 #. module: vault
 #: code:addons/vault/models/vault_log.py:0
@@ -1352,7 +1352,7 @@ msgstr "Escribir"
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Written by %(name)s via %(ip)s"
-msgstr ""
+msgstr "Escrito por %(name)s vía %(ip)s"
 
 #. module: vault
 #: code:addons/vault/models/vault_entry.py:0

From 9240e1a098be85f9d84b0f915003c713601b1ecb Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Thu, 18 Jan 2024 19:13:38 +0100
Subject: [PATCH 65/71] [MIG][16.0] vault: Migration and restructuring for 16.0

---
 setup/vault/odoo/addons/vault                 |   1 +
 setup/vault/setup.py                          |   6 +
 vault/README.rst                              |  12 +-
 vault/__manifest__.py                         |  10 +-
 vault/controllers/main.py                     |   4 +
 vault/models/abstract_vault_field.py          |  26 +-
 vault/models/vault.py                         |   2 +-
 vault/models/vault_entry.py                   |  27 +-
 vault/models/vault_log.py                     |   6 +-
 vault/models/vault_right.py                   |  35 +-
 vault/static/description/index.html           |   8 +-
 vault/static/src/backend/controller.esm.js    | 382 ++++++++++++
 vault/static/src/backend/export.esm.js        |   8 +-
 vault/static/src/backend/fields/templates.xml | 121 ++++
 .../backend/fields/vault_export_file.esm.js   |  45 ++
 .../src/backend/fields/vault_field.esm.js     | 200 +++++++
 .../src/backend/fields/vault_file.esm.js      |  61 ++
 .../backend/fields/vault_inbox_field.esm.js   |  49 ++
 .../backend/fields/vault_inbox_file.esm.js    |  49 ++
 .../backend/fields/vault_inbox_mixin.esm.js   |  64 ++
 .../src/backend/fields/vault_mixin.esm.js     | 197 ++++++
 vault/static/src/backend/import.esm.js        |   2 +-
 vault/static/src/backend/list_renderer.esm.js |  12 +
 vault/static/src/backend/templates.xml        |  88 ---
 vault/static/src/backend/vault.esm.js         |  16 +-
 vault/static/src/backend/vault.scss           |  14 +-
 vault/static/src/common/utils.esm.js          |  31 +-
 vault/static/src/frontend/inbox.esm.js        |  23 +-
 vault/static/src/legacy/vault_controller.js   | 389 ------------
 vault/static/src/legacy/vault_widget.js       | 563 ------------------
 vault/tests/test_controller.py                |  45 +-
 vault/tests/test_widgets.py                   |   6 +-
 vault/views/res_users_views.xml               |   2 +-
 vault/views/vault_entry_views.xml             |   2 +-
 vault/views/vault_inbox_views.xml             |   6 +-
 vault/wizards/vault_export_wizard.py          |  34 +-
 vault/wizards/vault_export_wizard.xml         |   2 +-
 vault/wizards/vault_send_wizard.py            |   6 +-
 vault_share/README.rst                        |  81 ---
 vault_share/__init__.py                       |   4 -
 vault_share/__manifest__.py                   |  39 --
 vault_share/controllers/__init__.py           |   4 -
 vault_share/controllers/main.py               |  35 --
 vault_share/data/ir_cron.xml                  |  13 -
 vault_share/i18n/es.po                        | 296 ---------
 vault_share/i18n/nl.po                        | 281 ---------
 vault_share/i18n/vault_share.pot              | 282 ---------
 vault_share/models/__init__.py                |   4 -
 vault_share/models/res_company.py             |  10 -
 vault_share/models/res_config_settings.py     |  24 -
 vault_share/models/vault_share.py             |  84 ---
 vault_share/models/vault_share_log.py         |  22 -
 vault_share/readme/CONTRIBUTORS.rst           |   1 -
 vault_share/readme/DESCRIPTION.rst            |   6 -
 vault_share/security/ir.model.access.csv      |   3 -
 vault_share/security/ir_rule.xml              |  22 -
 vault_share/static/description/icon.png       | Bin 2287 -> 0 bytes
 vault_share/static/description/index.html     | 414 -------------
 vault_share/static/src/backend/templates.xml  |  57 --
 .../static/src/backend/vault_share.scss       |   3 -
 vault_share/static/src/common/utils.esm.js    |  16 -
 vault_share/static/src/frontend/share.esm.js  |  56 --
 vault_share/static/src/legacy/vault_fields.js |  55 --
 .../static/src/legacy/vault_share_widget.js   | 367 ------------
 vault_share/tests/__init__.py                 |   4 -
 vault_share/tests/test_share.py               |  73 ---
 vault_share/views/menuitems.xml               |  16 -
 .../views/res_config_settings_views.xml       |  18 -
 vault_share/views/templates.xml               |  48 --
 vault_share/views/vault_share_views.xml       |  48 --
 70 files changed, 1368 insertions(+), 3572 deletions(-)
 create mode 120000 setup/vault/odoo/addons/vault
 create mode 100644 setup/vault/setup.py
 create mode 100644 vault/static/src/backend/controller.esm.js
 create mode 100644 vault/static/src/backend/fields/templates.xml
 create mode 100644 vault/static/src/backend/fields/vault_export_file.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_field.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_file.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_inbox_field.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_inbox_file.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_inbox_mixin.esm.js
 create mode 100644 vault/static/src/backend/fields/vault_mixin.esm.js
 create mode 100644 vault/static/src/backend/list_renderer.esm.js
 delete mode 100644 vault/static/src/legacy/vault_controller.js
 delete mode 100644 vault/static/src/legacy/vault_widget.js
 delete mode 100644 vault_share/README.rst
 delete mode 100644 vault_share/__init__.py
 delete mode 100644 vault_share/__manifest__.py
 delete mode 100644 vault_share/controllers/__init__.py
 delete mode 100644 vault_share/controllers/main.py
 delete mode 100644 vault_share/data/ir_cron.xml
 delete mode 100644 vault_share/i18n/es.po
 delete mode 100644 vault_share/i18n/nl.po
 delete mode 100644 vault_share/i18n/vault_share.pot
 delete mode 100644 vault_share/models/__init__.py
 delete mode 100644 vault_share/models/res_company.py
 delete mode 100644 vault_share/models/res_config_settings.py
 delete mode 100644 vault_share/models/vault_share.py
 delete mode 100644 vault_share/models/vault_share_log.py
 delete mode 100644 vault_share/readme/CONTRIBUTORS.rst
 delete mode 100644 vault_share/readme/DESCRIPTION.rst
 delete mode 100644 vault_share/security/ir.model.access.csv
 delete mode 100644 vault_share/security/ir_rule.xml
 delete mode 100644 vault_share/static/description/icon.png
 delete mode 100644 vault_share/static/description/index.html
 delete mode 100644 vault_share/static/src/backend/templates.xml
 delete mode 100644 vault_share/static/src/backend/vault_share.scss
 delete mode 100644 vault_share/static/src/common/utils.esm.js
 delete mode 100644 vault_share/static/src/frontend/share.esm.js
 delete mode 100644 vault_share/static/src/legacy/vault_fields.js
 delete mode 100644 vault_share/static/src/legacy/vault_share_widget.js
 delete mode 100644 vault_share/tests/__init__.py
 delete mode 100644 vault_share/tests/test_share.py
 delete mode 100644 vault_share/views/menuitems.xml
 delete mode 100644 vault_share/views/res_config_settings_views.xml
 delete mode 100644 vault_share/views/templates.xml
 delete mode 100644 vault_share/views/vault_share_views.xml

diff --git a/setup/vault/odoo/addons/vault b/setup/vault/odoo/addons/vault
new file mode 120000
index 0000000000..4ead31e201
--- /dev/null
+++ b/setup/vault/odoo/addons/vault
@@ -0,0 +1 @@
+../../../../vault
\ No newline at end of file
diff --git a/setup/vault/setup.py b/setup/vault/setup.py
new file mode 100644
index 0000000000..28c57bb640
--- /dev/null
+++ b/setup/vault/setup.py
@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)
diff --git a/vault/README.rst b/vault/README.rst
index 1848e73c9c..1b127f4d65 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -7,7 +7,7 @@ Vault
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:e0b69ed2cd488c2635fec51457c0cb50c1bbd628cc768e68cd8d1d80c944ce2e
+   !! source digest: sha256:9bc765eb2b8c6fb6a4912b97a282f3c40996011386f83779dccfad8c2672bfe6
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
@@ -17,13 +17,13 @@ Vault
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
-    :target: https://github.com/OCA/server-auth/tree/15.0/vault
+    :target: https://github.com/OCA/server-auth/tree/16.0/vault
     :alt: OCA/server-auth
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault
+    :target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-vault
     :alt: Translate me on Weblate
 .. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
-    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=15.0
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0
     :alt: Try me on Runboat
 
 |badge1| |badge2| |badge3| |badge4| |badge5|
@@ -65,7 +65,7 @@ Bug Tracker
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us to smash it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -95,6 +95,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/15.0/vault>`_ project on GitHub.
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/vault>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault/__manifest__.py b/vault/__manifest__.py
index 09eb85ea28..e3cfda3f64 100644
--- a/vault/__manifest__.py
+++ b/vault/__manifest__.py
@@ -5,7 +5,7 @@
     "name": "Vault",
     "summary": "Password vault integration in Odoo",
     "license": "AGPL-3",
-    "version": "15.0.2.1.0",
+    "version": "16.0.1.0.0",
     "website": "https://github.com/OCA/server-auth",
     "application": True,
     "author": "initOS GmbH, Odoo Community Association (OCA)",
@@ -38,14 +38,10 @@
         ],
         "web.assets_backend": [
             "vault/static/lib/**/*.min.js",
+            "vault/static/src/**/*.xml",
             "vault/static/src/common/*.js",
             "vault/static/src/backend/*.scss",
-            "vault/static/src/backend/*.js",
-            "vault/static/src/legacy/vault_controller.js",
-            "vault/static/src/legacy/vault_widget.js",
-        ],
-        "web.assets_qweb": [
-            "vault/static/src/**/*.xml",
+            "vault/static/src/backend/**/*.js",
         ],
         "web.tests_assets": [
             "vault/static/tests/**/*.js",
diff --git a/vault/controllers/main.py b/vault/controllers/main.py
index c7ec7e70a8..1ca361dda3 100644
--- a/vault/controllers/main.py
+++ b/vault/controllers/main.py
@@ -4,6 +4,7 @@
 import logging
 
 from odoo import _, http
+from odoo.exceptions import AccessDenied
 from odoo.http import request
 
 _logger = logging.getLogger(__name__)
@@ -136,6 +137,9 @@ def vault_replace(self, data):
         vault = request.env["vault"].with_context(vault_skip_log=True)
         for changes in data:
             record = vault.env[changes["model"]].browse(changes["id"])
+            if not record.vault_id.allowed_write:
+                raise AccessDenied()
+
             vault |= record.vault_id
             if record._name in ("vault.field", "vault.file"):
                 record.write({k: v for k, v in changes.items() if k in ["iv", "value"]})
diff --git a/vault/models/abstract_vault_field.py b/vault/models/abstract_vault_field.py
index 65c42ca55b..691d7b7d03 100644
--- a/vault/models/abstract_vault_field.py
+++ b/vault/models/abstract_vault_field.py
@@ -33,29 +33,25 @@ def _compute_master_key(self):
             rec.master_key = rec.vault_id.master_key
 
     def log_change(self, action):
-        self.ensure_one()
         if self.env.context.get("vault_skip_log"):
             return
 
-        self.entry_id.log_info(
-            f"{action} value {self.name} of {self.entry_id.complete_name} "
-            f"by {self.env.user.display_name}"
-        )
-
-    @api.model_create_single
-    def create(self, values):
-        res = super().create(values)
+        for rec in self:
+            rec.entry_id.log_info(
+                f"{action} value {rec.name} of {rec.entry_id.complete_name} "
+                f"by {self.env.user.display_name}"
+            )
+
+    @api.model_create_multi
+    def create(self, vals_list):
+        res = super().create(vals_list)
         res.log_change("Created")
         return res
 
     def unlink(self):
-        for rec in self:
-            rec.log_change("Deleted")
-
+        self.log_change("Deleted")
         return super().unlink()
 
     def write(self, values):
-        for rec in self:
-            rec.log_change("Changed")
-
+        self.log_change("Changed")
         return super().write(values)
diff --git a/vault/models/vault.py b/vault/models/vault.py
index 8d6064c51e..5aef99f230 100644
--- a/vault/models/vault.py
+++ b/vault/models/vault.py
@@ -1,4 +1,4 @@
-# © 2021 Florian Kantelberg - initOS GmbH
+# © 2021-2024 Florian Kantelberg - initOS GmbH
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import logging
diff --git a/vault/models/vault_entry.py b/vault/models/vault_entry.py
index 03677f0359..1f553c3561 100644
--- a/vault/models/vault_entry.py
+++ b/vault/models/vault_entry.py
@@ -140,28 +140,27 @@ def _search_expired(self, operator, value):
         return ["|", ("expire_date", ">=", datetime.now()), ("expire_date", "=", False)]
 
     def log_change(self, action):
-        self.ensure_one()
         if self.env.context.get("vault_skip_log"):
             return
 
-        self.log_info(
-            _("%(action)s entry %(name)s by %(user)s")
-            % {
-                "action": action,
-                "name": self.complete_name,
-                "user": self.env.user.display_name,
-            }
-        )
+        for rec in self:
+            rec.log_info(
+                _("%(action)s entry %(name)s by %(user)s")
+                % {
+                    "action": action,
+                    "name": rec.complete_name,
+                    "user": rec.env.user.display_name,
+                }
+            )
 
-    @api.model_create_single
-    def create(self, values):
-        res = super().create(values)
+    @api.model_create_multi
+    def create(self, vals_list):
+        res = super().create(vals_list)
         res.log_change("Created")
         return res
 
     def unlink(self):
-        for rec in self:
-            rec.log_change("Deleted")
+        self.log_change("Deleted")
 
         return super().unlink()
 
diff --git a/vault/models/vault_log.py b/vault/models/vault_log.py
index 9189dd122d..3f44569c53 100644
--- a/vault/models/vault_log.py
+++ b/vault/models/vault_log.py
@@ -38,9 +38,9 @@ def _get_log_state(self):
             ("error", _("Error")),
         ]
 
-    @api.model
-    def create(self, values):
-        res = super().create(values)
+    @api.model_create_multi
+    def create(self, vals_list):
+        res = super().create(vals_list)
         if not self.env.context.get("skip_log", False):
             _logger.info("Vault log: %s", res.message)
         return res
diff --git a/vault/models/vault_right.py b/vault/models/vault_right.py
index 287a69961b..1f9fc3bc77 100644
--- a/vault/models/vault_right.py
+++ b/vault/models/vault_right.py
@@ -69,25 +69,25 @@ def _compute_public_key(self):
             rec.public_key = rec.user_id.active_key.public
 
     def log_access(self):
-        self.ensure_one()
-        rights = ", ".join(
-            sorted(
-                ["read"]
-                + [
-                    right
-                    for right in ["create", "write", "share", "delete"]
-                    if getattr(self, f"perm_{right}", False)
-                ]
+        for rec in self:
+            rights = ", ".join(
+                sorted(
+                    ["read"]
+                    + [
+                        right
+                        for right in ["create", "write", "share", "delete"]
+                        if getattr(rec, f"perm_{right}", False)
+                    ]
+                )
             )
-        )
 
-        self.vault_id.log_info(
-            f"Grant access to user {self.user_id.display_name}: {rights}"
-        )
+            rec.vault_id.log_info(
+                f"Grant access to user {rec.user_id.display_name}: {rights}"
+            )
 
-    @api.model
-    def create(self, values):
-        res = super().create(values)
+    @api.model_create_multi
+    def create(self, vals_list):
+        res = super().create(vals_list)
         if not res.allowed_share and not res.env.su:
             self.raise_access_error()
 
@@ -98,8 +98,7 @@ def write(self, values):
         res = super().write(values)
         perms = ["perm_write", "perm_delete", "perm_share", "perm_create"]
         if any(x in values for x in perms):
-            for rec in self:
-                rec.log_access()
+            self.log_access()
 
         return res
 
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 4cc4272298..6fcc35e1b3 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -367,9 +367,9 @@ <h1 class="title">Vault</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:e0b69ed2cd488c2635fec51457c0cb50c1bbd628cc768e68cd8d1d80c944ce2e
+!! source digest: sha256:9bc765eb2b8c6fb6a4912b97a282f3c40996011386f83779dccfad8c2672bfe6
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/15.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/16.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
 <p>This modules requires a secure context for the browser to work properly.</p>
@@ -413,7 +413,7 @@ <h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us to smash it by providing a detailed and welcomed
-<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>
 <div class="section" id="credits">
@@ -437,7 +437,7 @@ <h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.</p>
-<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault">OCA/server-auth</a> project on GitHub.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/16.0/vault">OCA/server-auth</a> project on GitHub.</p>
 <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
 </div>
 </div>
diff --git a/vault/static/src/backend/controller.esm.js b/vault/static/src/backend/controller.esm.js
new file mode 100644
index 0000000000..3310fd0d2b
--- /dev/null
+++ b/vault/static/src/backend/controller.esm.js
@@ -0,0 +1,382 @@
+/** @odoo-module alias=vault.controller **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import Dialog from "web.Dialog";
+import {FormController} from "@web/views/form/form_controller";
+import Importer from "vault.import";
+import {_lt} from "@web/core/l10n/translation";
+import framework from "web.framework";
+import {patch} from "@web/core/utils/patch";
+import {useService} from "@web/core/utils/hooks";
+import utils from "vault.utils";
+import vault from "vault";
+
+patch(FormController.prototype, "vault", {
+    /**
+     * Re-encrypt the key if the user is getting selected
+     *
+     * @private
+     */
+    async _vaultSendWizard() {
+        const record = this.model.root;
+        if (record.resModel !== "vault.send.wizard") return;
+
+        if (!record.data.user_id || !record.data.public) return;
+
+        const key = await vault.unwrap(record.data.key);
+        await record.update({key_user: await vault.wrap_with(key, record.data.public)});
+    },
+
+    /**
+     * Re-encrypt the key if the entry is getting selected
+     *
+     * @private
+     * @param {Object} record
+     * @param {Object} changes
+     * @param {Object} options
+     */
+    async _vaultStoreWizard() {
+        const record = this.model.root;
+        if (
+            !record.data.entry_id ||
+            !record.data.master_key ||
+            !record.data.iv ||
+            !record.data.secret_temporary
+        )
+            return;
+
+        const key = await vault.unwrap(record.data.key);
+        const secret = await utils.sym_decrypt(
+            key,
+            record.data.secret_temporary,
+            record.data.iv
+        );
+        const master_key = await vault.unwrap(record.data.master_key);
+
+        await record.update({
+            secret: await utils.sym_encrypt(master_key, secret, record.data.iv),
+        });
+    },
+
+    /**
+     * Generate a new key pair for the current user
+     *
+     * @private
+     */
+    async _newVaultKeyPair() {
+        // Get the current private key
+        const private_key = await vault.get_private_key();
+
+        // Generate new keys
+        await vault.generate_keys();
+
+        const public_key = await vault.get_public_key();
+
+        // Re-encrypt the master keys
+        const master_keys = await this.rpc("/vault/rights/get");
+        let result = {};
+        for (const uuid in master_keys) {
+            result[uuid] = await utils.wrap(
+                await utils.unwrap(master_keys[uuid], private_key),
+                public_key
+            );
+        }
+
+        await this.rpc("/vault/rights/store", {keys: result});
+
+        // Re-encrypt the inboxes to not loose it
+        const inbox_keys = await this.rpc("/vault/inbox/get");
+        result = {};
+        for (const uuid in inbox_keys) {
+            result[uuid] = await utils.wrap(
+                await utils.unwrap(inbox_keys[uuid], private_key),
+                public_key
+            );
+        }
+
+        await this.rpc("/vault/inbox/store", {keys: result});
+    },
+
+    /**
+     * Generate a new key pair and re-encrypt the master keys of the vaults
+     *
+     * @private
+     */
+    async _vaultRegenerateKey() {
+        if (!utils.supported()) return;
+
+        var self = this;
+
+        Dialog.confirm(
+            self,
+            _lt("Do you really want to create a new key pair and set it active?"),
+            {
+                confirm_callback: function () {
+                    return self._newVaultKeyPair();
+                },
+            }
+        );
+    },
+
+    /**
+     * Handle the deletion of a vault.right field in the vault view properly by
+     * generating a new master key and re-encrypting everything in the vault to
+     * deny any future access to the vault.
+     *
+     * @private
+     * @param {Boolean} verify
+     * @param {Boolean} force
+     */
+    async _reencryptVault(verify = false, force = false) {
+        const record = this.model.root;
+
+        await vault._ensure_keys();
+
+        const self = this;
+        const master_key = await utils.generate_key();
+        const current_key = await vault.unwrap(record.data.master_key);
+
+        // This stores the additional changes made to rights, fields, and files
+        const changes = [];
+        const problems = [];
+
+        async function reencrypt(model, type) {
+            // Load the entire data from the database
+            const records = await self.model.orm.searchRead(
+                model,
+                [["vault_id", "=", record.resId]],
+                ["iv", "value", "name", "entry_name"],
+                {
+                    context: {vault_reencrypt: true},
+                    limit: 0,
+                }
+            );
+
+            for (const rec of records) {
+                const val = await utils.sym_decrypt(current_key, rec.value, rec.iv);
+                if (val === null) {
+                    problems.push(
+                        _.str.sprintf(
+                            _lt("%s '%s' of entry '%s'"),
+                            type,
+                            rec.name,
+                            rec.entry_name
+                        )
+                    );
+                    continue;
+                }
+
+                const iv = utils.generate_iv_base64();
+                const encrypted = await utils.sym_encrypt(master_key, val, iv);
+
+                changes.push({
+                    id: rec.id,
+                    model: model,
+                    value: encrypted,
+                    iv: iv,
+                });
+            }
+        }
+
+        framework.blockUI();
+        try {
+            // Update the rights. Load without limit
+            const rights = await self.model.orm.searchRead(
+                "vault.right",
+                [["vault_id", "=", record.resId]],
+                ["public_key"],
+                {limit: 0}
+            );
+
+            for (const right of rights) {
+                const key = await vault.wrap_with(master_key, right.public_key);
+
+                changes.push({
+                    id: right.id,
+                    model: "vault.right",
+                    key: key,
+                });
+            }
+
+            // Re-encrypt vault.field and vault.file
+            await reencrypt("vault.field", "Field");
+            await reencrypt("vault.file", "File");
+
+            if (problems.length && !force) {
+                framework.unblockUI();
+
+                Dialog.alert(self, "", {
+                    title: _lt("The following entries are broken:"),
+                    $content: $("<div/>").html(problems.join("<br>\n")),
+                });
+            }
+
+            if (!verify) {
+                await this.rpc("/vault/replace", {data: changes});
+                await this.model.root.load();
+            }
+        } finally {
+            framework.unblockUI();
+        }
+    },
+
+    /**
+     * Call the right importer in the import wizard onchange of the content field
+     *
+     * @private
+     */
+    async _vaultImportWizard() {
+        const record = this.model.root;
+        if (record.resModel !== "vault.import.wizard") return;
+
+        // Try to import the file on the fly and store the compatible JSON in the
+        // crypted_content field for the python backend
+        const importer = new Importer();
+        const data = await importer.import(
+            await vault.unwrap(record.data.master_key),
+            record.data.name,
+            atob(record.data.content)
+        );
+
+        if (data) await record.update({crypted_content: JSON.stringify(data)});
+    },
+
+    /**
+     * Ensure that a vault.right as the shared master_key set
+     *
+     * @private
+     * @param {Object} root
+     * @param {Object} right
+     */
+    async _vaultEnsureRightKey(root, right) {
+        if (!root.data.master_key || right.data.master_key) return;
+
+        const params = {user_id: right.data.user_id[0]};
+        const user = await this.rpc("/vault/public", params);
+
+        if (!user || !user.public_key) throw new TypeError("User has no public key");
+
+        await right.update({
+            key: await vault.share(root.data.master_key, user.public_key),
+        });
+    },
+
+    /**
+     * Ensures that the master_key of the vault and right lines are set
+     *
+     * @private
+     */
+    async _vaultEnsureKeys() {
+        const root = this.model.root;
+        if (root.resModel !== "vault") return;
+
+        if (!root.data.master_key)
+            await root.update({
+                master_key: await vault.wrap(await utils.generate_key()),
+            });
+
+        if (root.data.right_ids)
+            for (const right of root.data.right_ids.records)
+                await this._vaultEnsureRightKey(root, right);
+    },
+
+    /**
+     * Check the model of the form and call the above functions for the right case
+     *
+     * @private
+     * @param {Object} button
+     */
+    async _vaultAction(button) {
+        if (!utils.supported()) return false;
+
+        const root = this.model.root;
+        switch (root.resModel) {
+            case "res.users":
+                if (button && button.name === "vault_generate_key") {
+                    await this._vaultRegenerateKey();
+                    return false;
+                }
+                break;
+            case "vault":
+                if (button && button.name === "vault_reencrypt") {
+                    await this._reencryptVault(false, true);
+                    return false;
+                } else if (button && button.name === "vault_verify") {
+                    await this._reencryptVault(true, false);
+                    return false;
+                }
+
+                await this._vaultEnsureKeys();
+                break;
+
+            case "vault.send.wizard":
+                await this._vaultSendWizard();
+                break;
+
+            case "vault.store.wizard":
+                await this._vaultStoreWizard();
+                break;
+
+            case "vault.import.wizard":
+                await this._vaultImportWizard();
+                break;
+        }
+
+        return true;
+    },
+
+    /**
+     * Add the required rpc service to the controller which will be used to
+     * get/store information from/to the vault controller
+     */
+    setup() {
+        this._super(...arguments);
+        this.rpc = useService("rpc");
+    },
+
+    /**
+     * Hook into the relevant functions
+     */
+    async create() {
+        const _super = this._super.bind(this);
+        if (this.model.root.isDirty) await this._vaultAction();
+
+        const ret = await _super(...arguments);
+        return ret;
+    },
+
+    async onPagerUpdate() {
+        const _super = this._super.bind(this);
+        if (this.model.root.isDirty) await this._vaultAction();
+        return await _super(...arguments);
+    },
+
+    async saveButtonClicked() {
+        const _super = this._super.bind(this);
+        if (this.model.root.isDirty) await this._vaultAction();
+        return await _super(...arguments);
+    },
+
+    async beforeLeave() {
+        const _super = this._super.bind(this);
+        if (this.model.root.isDirty) await this._vaultAction();
+        return await _super(...arguments);
+    },
+
+    async beforeUnload() {
+        const _super = this._super.bind(this);
+        if (this.model.root.isDirty) await this._vaultAction();
+        return await _super(...arguments);
+    },
+
+    async beforeExecuteActionButton(clickParams) {
+        const _super = this._super.bind(this);
+        if (clickParams.special !== "cancel") {
+            const _continue = await this._vaultAction(clickParams);
+            if (!_continue) return false;
+        }
+
+        return await _super(...arguments);
+    },
+});
diff --git a/vault/static/src/backend/export.esm.js b/vault/static/src/backend/export.esm.js
index abb324f313..f14ac14cec 100644
--- a/vault/static/src/backend/export.esm.js
+++ b/vault/static/src/backend/export.esm.js
@@ -1,8 +1,8 @@
 /** @odoo-module alias=vault.export **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
+// © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-import {_t} from "web.core";
+import {_lt} from "@web/core/l10n/translation";
 import utils from "vault.utils";
 
 // This class handles the export to different formats by using a standardize
@@ -86,7 +86,7 @@ export default class VaultExporter {
     async _export_json(master_key, data) {
         // Get the password for the exported file from the user
         const askpass = await utils.askpass(
-            _t("Please enter the password for the database")
+            _lt("Please enter the password for the database")
         );
         let password = askpass.password || "";
         if (askpass.keyfile)
@@ -94,7 +94,7 @@ export default class VaultExporter {
 
         const iv = utils.generate_iv_base64();
         const salt = utils.generate_bytes(utils.SaltLength).buffer;
-        const iterations = 4000;
+        const iterations = utils.Derive.iterations;
         const key = await utils.derive_key(password, salt, iterations);
 
         // Unwrap the master key and decrypt the entries
diff --git a/vault/static/src/backend/fields/templates.xml b/vault/static/src/backend/fields/templates.xml
new file mode 100644
index 0000000000..b5619af48b
--- /dev/null
+++ b/vault/static/src/backend/fields/templates.xml
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<templates id="template" xml:space="preserve">
+    <t t-name="vault.Field.buttons.send" owl="1">
+        <button
+            t-if="sendButton"
+            t-on-click="_onSendValue"
+            class="btn btn-secondary btn-sm fa fa-share-alt o_vault_send"
+            title="Send the secret to an user"
+            aria-label="Send the secret to an user"
+        />
+    </t>
+
+    <t t-name="vault.Field.buttons" owl="1">
+        <button
+            t-if="!state.decrypted &amp;&amp; showButton"
+            t-on-click="_onShowValue"
+            class="btn btn-secondary btn-sm fa fa-eye o_vault_show"
+            title="Show"
+            aria-label="Show"
+        />
+        <button
+            t-elif="showButton"
+            t-on-click="_onShowValue"
+            class="btn btn-secondary btn-sm fa fa-eye-slash o_vault_show"
+            title="Hide"
+            aria-label="Hide"
+        />
+        <button
+            t-if="copyButton"
+            t-on-click="_onCopyValue"
+            class="btn btn-secondary btn-sm fa fa-clipboard o_vault_clipboard"
+            title="Copy to clipboard"
+            aria-label="Copy to clipboard"
+        />
+        <t t-call="vault.Field.buttons.send" />
+    </t>
+
+    <t t-name="vault.FieldVault" owl="1">
+        <div class="o_vault o_vault_error" t-if="!supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-elif="props.readonly">
+            <span class="o_vault_buttons">
+                <t t-call="vault.Field.buttons" />
+            </span>
+            <span t-esc="formattedValue" t-ref="span" />
+        </div>
+        <div class="o_vault" t-else="">
+            <span class="o_vault_buttons">
+                <button
+                    t-if="generateButton"
+                    t-on-click="_onGenerateValue"
+                    class="btn btn-secondary btn-sm fa fa-lock o_vault_generate"
+                    title="Generate"
+                    aria-label="Generate"
+                />
+            </span>
+            <input class="o_input" type="text" t-esc="formattedValue" t-ref="input" />
+        </div>
+    </t>
+
+    <t
+        t-name="vault.FileVault"
+        t-inherit="web.BinaryField"
+        t-inherit-mode="primary"
+        owl="1"
+    >
+        <xpath expr="//button[hasclass('o_clear_file_button')]" position="after">
+            <t t-call="vault.Field.buttons.send" />
+        </xpath>
+    </t>
+
+    <t t-name="vault.FieldVaultInbox" owl="1">
+        <div class="o_vault o_vault_error" t-if="!supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-elif="props.value">
+            <span class="o_vault_buttons">
+                <t t-call="vault.Field.buttons" />
+                <button
+                    t-if="saveButton"
+                    t-on-click="_onSaveValue"
+                    class="btn btn-secondary btn-sm fa fa-save"
+                    title="Save in a vault"
+                    aria-label="Save in a vault"
+                />
+            </span>
+
+            <span class="o_vault_inbox" t-esc="formattedValue" t-ref="span" />
+        </div>
+    </t>
+
+    <t t-name="vault.FileVaultInbox" owl="1">
+        <div class="o_vault o_vault_error" t-if="!supported()">
+            <span>*******</span>
+        </div>
+        <div class="o_vault" t-elif="props.value">
+            <span class="o_vault_buttons">
+                <button
+                    t-if="saveButton"
+                    t-on-click="_onSaveValue"
+                    class="btn btn-secondary btn-sm fa fa-save"
+                    title="Save in a vault"
+                    aria-label="Save in a vault"
+                />
+            </span>
+
+            <a class="o_form_uri" href="#" t-on-click.prevent="onFileDownload">
+                <span class="fa fa-download me-2" />
+                <t t-if="state.fileName" t-esc="state.fileName" />
+            </a>
+        </div>
+    </t>
+
+    <t t-name="vault.FileVaultExport" owl="1">
+        <a class="o_form_uri" href="#" t-on-click.prevent="onFileDownload">
+            <span class="fa fa-download me-2" />
+            <t t-if="state.fileName" t-esc="state.fileName" />
+        </a>
+    </t>
+</templates>
diff --git a/vault/static/src/backend/fields/vault_export_file.esm.js b/vault/static/src/backend/fields/vault_export_file.esm.js
new file mode 100644
index 0000000000..779a31d612
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_export_file.esm.js
@@ -0,0 +1,45 @@
+/** @odoo-module alias=vault.export.file **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {BinaryField} from "@web/views/fields/binary/binary_field";
+import Exporter from "vault.export";
+import VaultMixin from "vault.mixin";
+import {_lt} from "@web/core/l10n/translation";
+import {downloadFile} from "@web/core/network/download";
+import {registry} from "@web/core/registry";
+import utils from "vault.utils";
+
+export default class VaultExportFile extends VaultMixin(BinaryField) {
+    /**
+     * Call the exporter and download the finalized file
+     */
+    async onFileDownload() {
+        if (!this.props.value) {
+            this.do_warn(
+                _lt("Save As..."),
+                _lt("The field is empty, there's nothing to save!")
+            );
+        } else if (utils.supported()) {
+            const exporter = new Exporter();
+            const content = JSON.stringify(
+                await exporter.export(
+                    await this._getMasterKey(),
+                    this.state.fileName,
+                    this.props.value
+                )
+            );
+
+            const buffer = new ArrayBuffer(content.length);
+            const arr = new Uint8Array(buffer);
+            for (let i = 0; i < content.length; i++) arr[i] = content.charCodeAt(i);
+
+            const blob = new Blob([arr]);
+            await downloadFile(blob, this.state.fileName || "");
+        }
+    }
+}
+
+VaultExportFile.template = "vault.FileVaultExport";
+
+registry.category("fields").add("vault_export_file", VaultExportFile);
diff --git a/vault/static/src/backend/fields/vault_field.esm.js b/vault/static/src/backend/fields/vault_field.esm.js
new file mode 100644
index 0000000000..a12deb9db8
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_field.esm.js
@@ -0,0 +1,200 @@
+/** @odoo-module alias=vault.field **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {Component, useEffect, useRef, useState} from "@odoo/owl";
+import {useBus, useService} from "@web/core/utils/hooks";
+import VaultMixin from "vault.mixin";
+import {_lt} from "@web/core/l10n/translation";
+import {getActiveHotkey} from "@web/core/hotkeys/hotkey_service";
+import {registry} from "@web/core/registry";
+import utils from "vault.utils";
+
+export default class VaultField extends VaultMixin(Component) {
+    setup() {
+        super.setup();
+
+        this.action = useService("action");
+        this.input = useRef("input");
+        this.span = useRef("span");
+        this.state = useState({
+            decrypted: false,
+            decryptedValue: "",
+            isDirty: false,
+            lastSetValue: null,
+        });
+
+        const self = this;
+        useEffect(
+            (inputEl) => {
+                if (inputEl) {
+                    const onInput = self.onInput.bind(self);
+                    const onKeydown = self.onKeydown.bind(self);
+
+                    inputEl.addEventListener("input", onInput);
+                    inputEl.addEventListener("keydown", onKeydown);
+                    return () => {
+                        inputEl.removeEventListener("input", onInput);
+                        inputEl.removeEventListener("keydown", onKeydown);
+                    };
+                }
+            },
+            () => [self.input.el]
+        );
+
+        useEffect(() => {
+            const isInvalid = self.props.record
+                ? self.props.record.isInvalid(self.props.name)
+                : false;
+
+            if (self.input.el && !self.state.isDirty && !isInvalid) {
+                Promise.resolve(self.getValue()).then((val) => {
+                    if (!self.input.el) return;
+
+                    if (val) self.input.el.value = val;
+                    else if (val !== "")
+                        self.props.record.setInvalidField(self.props.name);
+                });
+                self.state.lastSetValue = self.input.el.value;
+            }
+        });
+
+        useBus(self.env.bus, "RELATIONAL_MODEL:WILL_SAVE_URGENTLY", () =>
+            self.commitChanges(true)
+        );
+        useBus(self.env.bus, "RELATIONAL_MODEL:NEED_LOCAL_CHANGES", (ev) =>
+            ev.detail.proms.push(self.commitChanges())
+        );
+    }
+
+    /**
+     * Open a dialog to generate a new secret
+     *
+     * @param {Object} ev
+     */
+    async _onGenerateValue(ev) {
+        ev.stopPropagation();
+
+        const password = await utils.generate_pass();
+        await this.storeValue(password);
+    }
+
+    /**
+     * Toggle between visible and invisible secret
+     *
+     * @param {Object} ev
+     */
+    async _onShowValue(ev) {
+        ev.stopPropagation();
+
+        this.state.decrypted = !this.state.decrypted;
+        if (this.state.decrypted) {
+            this.state.decryptedValue = await this._decrypt(this.props.value);
+        } else {
+            this.state.decryptedValue = "";
+        }
+
+        await this.showValue();
+    }
+
+    /**
+     * Copy the decrypted secret to the clipboard
+     *
+     * @param {Object} ev
+     */
+    async _onCopyValue(ev) {
+        ev.stopPropagation();
+
+        const value = await this._decrypt(this.props.value);
+        await navigator.clipboard.writeText(value);
+    }
+
+    /**
+     * Send the secret to an inbox of an user
+     *
+     * @param {Object} ev
+     */
+    async _onSendValue(ev) {
+        ev.stopPropagation();
+
+        await this.sendValue(this.props.value, "");
+    }
+
+    /**
+     * Get the decrypted value or a placeholder
+     *
+     * @returns the decrypted value or a placeholder
+     */
+    get formattedValue() {
+        if (!this.props.value) return "";
+        if (this.state.decrypted) return this.state.decryptedValue || "*******";
+        return "*******";
+    }
+
+    /**
+     * Decrypt the value of the field
+     *
+     * @returns decrypted value
+     */
+    async getValue() {
+        return await this._decrypt(this.props.value);
+    }
+
+    /**
+     * Update the value shown
+     */
+    async showValue() {
+        this.span.el.innerHTML = this.formattedValue;
+    }
+
+    /**
+     * Handle input event and set the state to dirty
+     *
+     * @param {Object} ev
+     */
+    onInput(ev) {
+        ev.stopPropagation();
+
+        this.state.isDirty = ev.target.value !== this.lastSetValue;
+        if (this.props.setDirty) this.props.setDirty(this.state.isDirty);
+    }
+
+    /**
+     * Commit the changes of the input field to the record
+     *
+     * @param {Boolean} urgent
+     */
+    async commitChanges(urgent) {
+        if (!this.input.el) return;
+
+        this.state.isDirty = this.input.el.value !== this.lastSetValue;
+        if (this.state.isDirty || urgent) {
+            this.state.isDirty = false;
+
+            const val = this.input.el.value || false;
+            if (val !== (this.state.lastSetValue || false)) {
+                this.state.lastSetValue = this.input.el.value;
+                await this.storeValue(val);
+                this.props.setDirty(this.state.isDirty);
+            }
+        }
+    }
+
+    /**
+     * Handle keyboard events and trigger changes
+     *
+     * @param {Object} ev
+     */
+    onKeydown(ev) {
+        ev.stopPropagation();
+
+        const hotkey = getActiveHotkey(ev);
+        if (["enter", "tab", "shift+tab"].includes(hotkey)) this.commitChanges(false);
+    }
+}
+
+VaultField.displayName = _lt("Vault Field");
+VaultField.supportedTypes = ["char"];
+VaultField.template = "vault.FieldVault";
+
+registry.category("fields").add("vault_field", VaultField);
diff --git a/vault/static/src/backend/fields/vault_file.esm.js b/vault/static/src/backend/fields/vault_file.esm.js
new file mode 100644
index 0000000000..e2aba7eff0
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_file.esm.js
@@ -0,0 +1,61 @@
+/** @odoo-module alias=vault.file **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {BinaryField} from "@web/views/fields/binary/binary_field";
+import VaultMixin from "vault.mixin";
+import {_lt} from "@web/core/l10n/translation";
+import {downloadFile} from "@web/core/network/download";
+import {registry} from "@web/core/registry";
+import {useService} from "@web/core/utils/hooks";
+import utils from "vault.utils";
+
+export default class VaultFile extends VaultMixin(BinaryField) {
+    setup() {
+        super.setup();
+
+        this.action = useService("action");
+    }
+
+    async update({data, name}) {
+        const encrypted = await this._encrypt(data);
+        return await super.update({data: encrypted, name: name});
+    }
+
+    /**
+     * Send the secret to an inbox of an user
+     *
+     * @param {Object} ev
+     */
+    async _onSendValue(ev) {
+        ev.stopPropagation();
+
+        await this.sendValue("", this.props.value, this.state.fileName);
+    }
+
+    /**
+     * Decrypt the file and download it
+     */
+    async onFileDownload() {
+        if (!this.props.value) {
+            this.do_warn(
+                _lt("Save As..."),
+                _lt("The field is empty, there's nothing to save!")
+            );
+        } else if (utils.supported()) {
+            const decrypted = await this._decrypt(this.props.value);
+            const base64 = atob(decrypted);
+            const buffer = new ArrayBuffer(base64.length);
+            const arr = new Uint8Array(buffer);
+            for (let i = 0; i < base64.length; i++) arr[i] = base64.charCodeAt(i);
+
+            const blob = new Blob([arr]);
+            await downloadFile(blob, this.state.fileName || "");
+        }
+    }
+}
+
+VaultFile.displayName = _lt("Vault File");
+VaultFile.template = "vault.FileVault";
+
+registry.category("fields").add("vault_file", VaultFile);
diff --git a/vault/static/src/backend/fields/vault_inbox_field.esm.js b/vault/static/src/backend/fields/vault_inbox_field.esm.js
new file mode 100644
index 0000000000..fd9ae7bbfa
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_inbox_field.esm.js
@@ -0,0 +1,49 @@
+/** @odoo-module alias=vault.inbox.field **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import VaultField from "vault.field";
+import VaultInboxMixin from "vault.inbox.mixin";
+import {_lt} from "@web/core/l10n/translation";
+import {registry} from "@web/core/registry";
+import utils from "vault.utils";
+import vault from "vault";
+
+export default class VaultInboxField extends VaultInboxMixin(VaultField) {
+    /**
+     * Save the content in an entry of a vault
+     *
+     * @private
+     */
+    async _onSaveValue() {
+        await this.saveValue("vault.field", this.props.value);
+    }
+
+    /**
+     * Decrypt the data with the private key of the vault
+     *
+     * @private
+     * @param {String} data
+     * @returns the decrypted data
+     */
+    async _decrypt(data) {
+        if (!utils.supported()) return null;
+
+        const iv = this.props.record.data[this.props.fieldIV];
+        const wrapped_key = this.props.record.data[this.props.fieldKey];
+
+        if (!iv || !wrapped_key) return false;
+
+        const key = await vault.unwrap(wrapped_key);
+        return await utils.sym_decrypt(key, data, iv);
+    }
+}
+
+VaultInboxField.defaultProps = {
+    ...VaultField.defaultProps,
+    fieldKey: "key",
+};
+VaultInboxField.displayName = _lt("Vault Inbox Field");
+VaultInboxField.template = "vault.FieldVaultInbox";
+
+registry.category("fields").add("vault_inbox_field", VaultInboxField);
diff --git a/vault/static/src/backend/fields/vault_inbox_file.esm.js b/vault/static/src/backend/fields/vault_inbox_file.esm.js
new file mode 100644
index 0000000000..224af9e122
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_inbox_file.esm.js
@@ -0,0 +1,49 @@
+/** @odoo-module alias=vault.inbox.file **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import VaultFile from "vault.file";
+import VaultInboxMixin from "vault.inbox.mixin";
+import {_lt} from "@web/core/l10n/translation";
+import {registry} from "@web/core/registry";
+import utils from "vault.utils";
+import vault from "vault";
+
+export default class VaultInboxFile extends VaultInboxMixin(VaultFile) {
+    /**
+     * Save the content in an entry of a vault
+     *
+     * @private
+     */
+    async _onSaveValue() {
+        await this.saveValue("vault.file", this.props.value, this.state.fileName);
+    }
+
+    /**
+     * Decrypt the data with the private key of the vault
+     *
+     * @private
+     * @param {String} data
+     * @returns the decrypted data
+     */
+    async _decrypt(data) {
+        if (!utils.supported()) return null;
+
+        const iv = this.props.record.data[this.props.fieldIV];
+        const wrapped_key = this.props.record.data[this.props.fieldKey];
+
+        if (!iv || !wrapped_key) return false;
+
+        const key = await vault.unwrap(wrapped_key);
+        return await utils.sym_decrypt(key, data, iv);
+    }
+}
+
+VaultInboxFile.defaultProps = {
+    ...VaultFile.defaultProps,
+    fieldKey: "key",
+};
+VaultInboxFile.displayName = _lt("Vault Inbox File");
+VaultInboxFile.template = "vault.FileVaultInbox";
+
+registry.category("fields").add("vault_inbox_file", VaultInboxFile);
diff --git a/vault/static/src/backend/fields/vault_inbox_mixin.esm.js b/vault/static/src/backend/fields/vault_inbox_mixin.esm.js
new file mode 100644
index 0000000000..9bc3f2e2aa
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_inbox_mixin.esm.js
@@ -0,0 +1,64 @@
+/** @odoo-module alias=vault.inbox.mixin **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {_lt} from "@web/core/l10n/translation";
+import {useService} from "@web/core/utils/hooks";
+import utils from "vault.utils";
+import vault from "vault";
+
+export default (x) => {
+    class Extended extends x {
+        setup() {
+            super.setup();
+
+            if (!this.action) this.action = useService("action");
+        }
+
+        /**
+         * Save the content in an entry of a vault
+         *
+         * @private
+         * @param {String} model
+         * @param {String} value
+         * @param {String} name
+         */
+        async saveValue(model, value, name = "") {
+            const key = await utils.generate_key();
+            const iv = utils.generate_iv_base64();
+            const decrypted = await this._decrypt(value);
+
+            this.action.doAction({
+                type: "ir.actions.act_window",
+                title: _lt("Store the secret in a vault"),
+                target: "new",
+                res_model: "vault.store.wizard",
+                views: [[false, "form"]],
+                context: {
+                    default_model: model,
+                    default_secret_temporary: await utils.sym_encrypt(
+                        key,
+                        decrypted,
+                        iv
+                    ),
+                    default_name: name,
+                    default_iv: iv,
+                    default_key: await vault.wrap(key),
+                },
+            });
+        }
+    }
+
+    Extended.props = {
+        ...x.props,
+        storeModel: {type: String, optional: true},
+    };
+
+    Extended.extractProps = ({attrs}) => {
+        return {
+            storeModel: attrs.store,
+        };
+    };
+
+    return Extended;
+};
diff --git a/vault/static/src/backend/fields/vault_mixin.esm.js b/vault/static/src/backend/fields/vault_mixin.esm.js
new file mode 100644
index 0000000000..96b447639b
--- /dev/null
+++ b/vault/static/src/backend/fields/vault_mixin.esm.js
@@ -0,0 +1,197 @@
+/** @odoo-module alias=vault.mixin **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
+// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import {_lt} from "@web/core/l10n/translation";
+import {standardFieldProps} from "@web/views/fields/standard_field_props";
+import utils from "vault.utils";
+import vault from "vault";
+
+export default (x) => {
+    class Extended extends x {
+        supported() {
+            return utils.supported();
+        }
+
+        // Control the visibility of the buttons
+        get showButton() {
+            return this.props.value;
+        }
+        get copyButton() {
+            return this.props.value;
+        }
+        get sendButton() {
+            return this.props.value;
+        }
+        get saveButton() {
+            return this.props.value;
+        }
+        get generateButton() {
+            return true;
+        }
+        get isNew() {
+            return Boolean(this.model.record.isNew);
+        }
+
+        /**
+         * Set the value by encrypting it
+         *
+         * @param {String} value
+         * @param {Object} options
+         */
+        async storeValue(value, options) {
+            if (!utils.supported()) return;
+
+            const encrypted = await this._encrypt(value);
+            await this.props.update(encrypted, options);
+        }
+
+        /**
+         * Send the value to an inbox
+         *
+         * @param {String} value_field
+         * @param {String} value_file
+         * @param {String} filename
+         */
+        async sendValue(value_field = "", value_file = "", filename = "") {
+            if (!utils.supported()) return;
+
+            if (!value_field && !value_file) return;
+
+            let enc_field = false,
+                enc_file = false;
+
+            // Prepare the key and iv for the reencryption
+            const key = await utils.generate_key();
+            const iv = utils.generate_iv_base64();
+
+            // Reencrypt the field
+            if (value_field) {
+                const decrypted = await this._decrypt(value_field);
+                enc_field = await utils.sym_encrypt(key, decrypted, iv);
+            }
+
+            // Reencrypt the file
+            if (value_file) {
+                const decrypted = await this._decrypt(value_file);
+                enc_file = await utils.sym_encrypt(key, decrypted, iv);
+            }
+
+            // Call the wizard to handle the user selection and storage
+            this.action.doAction({
+                type: "ir.actions.act_window",
+                title: _lt("Send the secret to another user"),
+                target: "new",
+                res_model: "vault.send.wizard",
+                views: [[false, "form"]],
+                context: {
+                    default_secret: enc_field,
+                    default_secret_file: enc_file,
+                    default_filename: filename || false,
+                    default_iv: iv,
+                    default_key: await vault.wrap(key),
+                },
+            });
+        }
+
+        /**
+         * Set the value of a different field
+         *
+         * @param {String} field
+         * @param {String} value
+         */
+        async _setFieldValue(field, value) {
+            this.props.record.update({[field]: value});
+        }
+
+        /**
+         * Extract the IV or generate a new one if needed
+         *
+         * @returns the IV to use
+         */
+        async _getIV() {
+            if (!utils.supported()) return null;
+
+            // Read the IV from the field
+            let iv = this.props.record.data[this.props.fieldIV];
+            if (iv) return iv;
+
+            // Generate a new IV
+            iv = utils.generate_iv_base64();
+            await this._setFieldValue(this.props.fieldIV, iv);
+            return iv;
+        }
+
+        /**
+         * Extract the master key of the vault or generate a new one
+         *
+         * @returns the master key to use
+         */
+        async _getMasterKey() {
+            if (!utils.supported()) return null;
+
+            // Check if the master key is already extracted
+            if (this.key) return await vault.unwrap(this.key);
+
+            // Get the wrapped master key from the field
+            this.key = this.props.record.data[this.props.fieldKey];
+            if (this.key) return await vault.unwrap(this.key);
+
+            // Generate a new master key and write it to the field
+            const key = await utils.generate_key();
+            this.key = await vault.wrap(key);
+            await this._setFieldValue(this.props.fieldKey, this.key);
+            return key;
+        }
+
+        /**
+         * Decrypt data with the master key stored in the vault
+         *
+         * @param {String} data
+         * @returns the decrypted data
+         */
+        async _decrypt(data) {
+            if (!utils.supported()) return null;
+
+            const iv = await this._getIV();
+            const key = await this._getMasterKey();
+            return await utils.sym_decrypt(key, data, iv);
+        }
+
+        /**
+         * Encrypt data with the master key stored in the vault
+         *
+         * @param {String} data
+         * @returns the encrypted data
+         */
+        async _encrypt(data) {
+            if (!utils.supported()) return null;
+
+            const iv = await this._getIV();
+            const key = await this._getMasterKey();
+            return await utils.sym_encrypt(key, data, iv);
+        }
+    }
+
+    Extended.defaultProps = {
+        ...x.defaultProps,
+        fieldIV: "iv",
+        fieldKey: "master_key",
+    };
+    Extended.props = {
+        ...standardFieldProps,
+        ...x.props,
+        fieldKey: {type: String, optional: true},
+        fieldIV: {type: String, optional: true},
+    };
+    Extended.extractProps = ({attrs, field}) => {
+        const extract_props = x.extractProps || (() => ({}));
+        return {
+            ...extract_props({attrs, field}),
+            fieldKey: attrs.key,
+            fieldIV: attrs.iv,
+        };
+    };
+
+    return Extended;
+};
diff --git a/vault/static/src/backend/import.esm.js b/vault/static/src/backend/import.esm.js
index c2033d740b..3fccc76846 100644
--- a/vault/static/src/backend/import.esm.js
+++ b/vault/static/src/backend/import.esm.js
@@ -1,5 +1,5 @@
 /** @odoo-module alias=vault.import **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
+// © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 /* global kdbxweb */
diff --git a/vault/static/src/backend/list_renderer.esm.js b/vault/static/src/backend/list_renderer.esm.js
new file mode 100644
index 0000000000..8de81e33ce
--- /dev/null
+++ b/vault/static/src/backend/list_renderer.esm.js
@@ -0,0 +1,12 @@
+/** @odoo-module **/
+
+import {ListRenderer} from "@web/views/list/list_renderer";
+import {patch} from "@web/core/utils/patch";
+
+patch(ListRenderer.prototype, "vault", {
+    getCellTitle(column) {
+        const _super = this._super.bind(this);
+        const attrs = column.rawAttrs || {};
+        if (attrs.widget !== "vault_field") return _super(...arguments);
+    },
+});
diff --git a/vault/static/src/backend/templates.xml b/vault/static/src/backend/templates.xml
index b6e8cb73b1..e4512a105d 100644
--- a/vault/static/src/backend/templates.xml
+++ b/vault/static/src/backend/templates.xml
@@ -1,41 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <templates id="template" xml:space="preserve">
-    <t t-extend="UserMenu.Actions">
-        <t t-jquery="[data-menu='settings']" t-operation="before">
-            <a
-                role="menuitem"
-                href="#"
-                data-menu="keys"
-                class="dropdown-item"
-            >Key Management</a>
-        </t>
-    </t>
-
-    <t t-name="vault.buttons">
-        <button
-            class="btn fa fa-eye o_vault_show"
-            t-if="show"
-            title="Show"
-            aria-label="Show"
-        />
-        <button
-            class="btn fa fa-eye-slash o_vault_show"
-            t-else=""
-            title="Hide"
-            aria-label="Hide"
-        />
-        <button
-            class="btn fa fa-clipboard o_vault_clipboard"
-            title="Copy to clipboard"
-            aria-label="Copy to clipboard"
-        />
-        <button
-            class="btn fa fa-share-alt o_vault_send"
-            title="Send the secret to an user"
-            aria-label="Send the secret to an user"
-        />
-    </t>
-
     <div t-name="vault.askpass" class="o_form_view">
         <label for="password" class="col-lg-auto col-form-label">
             Please enter your password or upload a keyfile:
@@ -133,56 +97,4 @@
             </tr>
         </table>
     </div>
-
-    <t t-name="FieldVault">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <div class="o_vault" t-elif="widget.mode == 'edit'">
-            <button
-                class="btn fa fa-lock o_vault_generate"
-                title="Generate"
-                aria-label="Generate"
-            />
-            <input class="o_vault_value" t-esc="value" />
-        </div>
-        <div class="o_vault" t-else="">
-            <t t-call="vault.buttons" />
-            <span class="o_vault_value" t-esc="value" />
-        </div>
-    </t>
-
-    <t t-name="FieldVaultInbox">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <div class="o_vault" t-else="">
-            <t t-call="vault.buttons" />
-            <button
-                class="btn fa fa-save o_vault_save"
-                title="Save in a vault"
-                aria-label="Save in a vault"
-            />
-
-            <span class="o_vault_inbox" t-esc="value" />
-        </div>
-    </t>
-
-    <t t-name="FileVaultInbox">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <div class="o_vault" t-else="">
-            <button
-                class="btn fa fa-save o_vault_save"
-                title="Save in a vault"
-                aria-label="Save in a vault"
-            />
-
-            <span class="link">
-                <span class="fa fa-download" />
-                <t t-esc="filename" />
-            </span>
-        </div>
-    </t>
 </templates>
diff --git a/vault/static/src/backend/vault.esm.js b/vault/static/src/backend/vault.esm.js
index 96af61106e..cf5cfd29d0 100644
--- a/vault/static/src/backend/vault.esm.js
+++ b/vault/static/src/backend/vault.esm.js
@@ -1,12 +1,11 @@
 /** @odoo-module alias=vault **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
+// © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-// web.dom_ready
-import * as utils from "vault.utils";
 import {_t} from "web.core";
 import ajax from "web.ajax";
 import {session} from "@web/session";
+import utils from "vault.utils";
 
 // Database name on the browser
 const Database = "vault";
@@ -48,7 +47,7 @@ class Vault {
      * @override
      */
     constructor() {
-        var self = this;
+        const self = this;
 
         function waitAndCheck() {
             if (!utils.supported()) return null;
@@ -93,6 +92,8 @@ class Vault {
      */
     async _check_key_migration(password = null) {
         if (!this.version) await this._export_to_database(password);
+        if (this.iterations < utils.Derive.iterations)
+            await this._export_to_database(password);
     }
 
     /**
@@ -131,9 +132,12 @@ class Vault {
      * @private
      */
     async _ensure_keys() {
+        // If the object store has the keys it's done
+        if (this.uuid && !this.time) await this._import_from_store();
+
         // Check if the keys expired
         const now = new Date();
-        if (now - this.time <= Expiration) return;
+        if (!this.time || now - this.time <= Expiration) return;
 
         // Keys expired means that we have to get them again
         this.keys = this.time = null;
@@ -290,7 +294,7 @@ class Vault {
     async _export_to_database(password = null) {
         // Generate salt for the user key
         this.salt = utils.generate_bytes(utils.SaltLength).buffer;
-        this.iterations = 4000;
+        this.iterations = utils.Derive.iterations;
         this.version = 1;
 
         // Wrap the private key with the master key of the user
diff --git a/vault/static/src/backend/vault.scss b/vault/static/src/backend/vault.scss
index 16838f4283..d8f61fbcd0 100644
--- a/vault/static/src/backend/vault.scss
+++ b/vault/static/src/backend/vault.scss
@@ -1,7 +1,13 @@
-.o_vault button {
-    padding: 0;
-}
-
 .o_vault_inbox {
     white-space: pre-wrap;
 }
+
+.o_field_cell .o_vault .o_vault_buttons {
+    float: right;
+    position: relative;
+    z-index: 10;
+}
+
+.o_vault .o_input {
+    width: auto;
+}
diff --git a/vault/static/src/common/utils.esm.js b/vault/static/src/common/utils.esm.js
index 95a5a3114b..5217851541 100644
--- a/vault/static/src/common/utils.esm.js
+++ b/vault/static/src/common/utils.esm.js
@@ -1,5 +1,5 @@
 /** @odoo-module alias=vault.utils **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
+// © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import {_t, qweb} from "web.core";
@@ -8,22 +8,24 @@ import Dialog from "web.Dialog";
 const CryptoAPI = window.crypto.subtle;
 
 // Some basic constants used for the entire vaults
-const AsymmetricName = "RSA-OAEP";
 const Hash = "SHA-512";
-const SymmetricName = "AES-GCM";
 
 const HashLength = 10;
 const IVLength = 12;
 const SaltLength = 32;
 
 const Asymmetric = {
-    name: AsymmetricName,
+    name: "RSA-OAEP",
     modulusLength: 4096,
     publicExponent: new Uint8Array([1, 0, 1]),
     hash: Hash,
 };
+const Derive = {
+    name: "PBKDF2",
+    iterations: 600001,
+};
 const Symmetric = {
-    name: SymmetricName,
+    name: "AES-GCM",
     length: 256,
 };
 
@@ -313,14 +315,14 @@ async function derive_key(data, salt, iterations) {
     const material = await CryptoAPI.importKey(
         "raw",
         enc.encode(data),
-        "PBKDF2",
+        Derive.name,
         false,
         ["deriveBits", "deriveKey"]
     );
 
     return await CryptoAPI.deriveKey(
         {
-            name: "PBKDF2",
+            name: Derive.name,
             salt: salt,
             iterations: iterations,
             hash: Hash,
@@ -344,7 +346,7 @@ async function asym_encrypt(public_key, data) {
 
     const enc = new TextEncoder();
     return toBase64(
-        await CryptoAPI.encrypt({name: AsymmetricName}, public_key, enc.encode(data))
+        await CryptoAPI.encrypt({name: Asymmetric.name}, public_key, enc.encode(data))
     );
 }
 
@@ -361,7 +363,7 @@ async function asym_decrypt(private_key, crypted) {
     const dec = new TextDecoder();
     return dec.decode(
         await CryptoAPI.decrypt(
-            {name: AsymmetricName},
+            {name: Asymmetric.name},
             private_key,
             fromBase64(crypted)
         )
@@ -383,7 +385,7 @@ async function sym_encrypt(key, data, iv) {
     const enc = new TextEncoder();
     return toBase64(
         await CryptoAPI.encrypt(
-            {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+            {name: Symmetric.name, iv: fromBase64(iv), tagLength: 128},
             key,
             enc.encode(hash.slice(0, HashLength) + data)
         )
@@ -405,7 +407,7 @@ async function sym_decrypt(key, crypted, iv) {
         const dec = new TextDecoder();
         const message = dec.decode(
             await CryptoAPI.decrypt(
-                {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+                {name: Symmetric.name, iv: fromBase64(iv), tagLength: 128},
                 key,
                 fromBase64(crypted)
             )
@@ -451,7 +453,7 @@ async function load_private_key(private_key, key, iv) {
         "pkcs8",
         fromBase64(private_key),
         key,
-        {name: SymmetricName, iv: fromBase64(iv), tagLength: 128},
+        {name: Symmetric.name, iv: fromBase64(iv), tagLength: 128},
         Asymmetric,
         true,
         ["unwrapKey", "decrypt"]
@@ -479,7 +481,7 @@ async function export_public_key(public_key) {
 async function export_private_key(private_key, key, iv) {
     return toBase64(
         await CryptoAPI.wrapKey("pkcs8", private_key, key, {
-            name: SymmetricName,
+            name: Symmetric.name,
             iv: iv,
             tagLength: 128,
         })
@@ -531,13 +533,12 @@ function capitalize(s) {
 export default {
     // Constants
     Asymmetric: Asymmetric,
-    AsymmetricName: AsymmetricName,
+    Derive: Derive,
     Hash: Hash,
     HashLength: HashLength,
     IVLength: IVLength,
     SaltLength: SaltLength,
     Symmetric: Symmetric,
-    SymmetricName: SymmetricName,
 
     // Crypto utility functions
     askpass: askpass,
diff --git a/vault/static/src/frontend/inbox.esm.js b/vault/static/src/frontend/inbox.esm.js
index a7b2363a72..759c032c13 100644
--- a/vault/static/src/frontend/inbox.esm.js
+++ b/vault/static/src/frontend/inbox.esm.js
@@ -1,5 +1,5 @@
-/** @odoo-modules alias=vault.inbox **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
+/** @odoo-module alias=vault.inbox **/
+// © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
 import utils from "vault.utils";
@@ -72,10 +72,23 @@ document.getElementById("secret_file").onchange = async function () {
     if (!this.files.length) return;
 
     const file = this.files[0];
-    const value = await file.text();
-    if (!value) return;
+    const reader = new FileReader();
+    let content = null;
 
-    const required = await encrypt_and_store(value, "encrypted_file");
+    const promise = new Promise((resolve) => {
+        reader.onload = () => {
+            if (reader.result.indexOf(",") >= 0) content = reader.result.split(",")[1];
+            resolve();
+        };
+    });
+
+    reader.readAsDataURL(file);
+
+    await promise;
+
+    if (!content) return;
+
+    const required = await encrypt_and_store(content, "encrypted_file");
     toggle_required(data.secret, !required);
     toggle_required(data.secret_file, required);
     data.filename.value = file.name;
diff --git a/vault/static/src/legacy/vault_controller.js b/vault/static/src/legacy/vault_controller.js
deleted file mode 100644
index 93bfc2f094..0000000000
--- a/vault/static/src/legacy/vault_controller.js
+++ /dev/null
@@ -1,389 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.controller", function (require) {
-    "use strict";
-
-    var core = require("web.core");
-    var Dialog = require("web.Dialog");
-    var FormController = require("web.FormController");
-    var framework = require("web.framework");
-    var Importer = require("vault.import");
-    var utils = require("vault.utils");
-    var vault = require("vault");
-
-    var _t = core._t;
-
-    FormController.include({
-        events: _.extend({}, FormController.prototype.events, {
-            "click [name='vault_reencrypt']": "_clickReencryptVault",
-            "click [name='vault_verify']": "_clickVerifyVault",
-        }),
-
-        /**
-         * Re-encrypt the key if the user is getting selected
-         *
-         * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _applyChangesSendWizard: async function (record, changes, options) {
-            if (!changes.user_id || !record.data.public) return;
-
-            const key = await vault.unwrap(record.data.key);
-            await this._applyChanges(
-                record.id,
-                {key_user: await vault.wrap_with(key, record.data.public)},
-                options
-            );
-        },
-
-        /**
-         * Re-encrypt the key if the entry is getting selected
-         *
-         * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _applyChangesStoreWizard: async function (record, changes, options) {
-            if (
-                !changes.entry_id ||
-                !record.data.master_key ||
-                !record.data.iv ||
-                !record.data.secret_temporary
-            )
-                return;
-
-            const key = await vault.unwrap(record.data.key);
-            const secret = await utils.sym_decrypt(
-                key,
-                record.data.secret_temporary,
-                record.data.iv
-            );
-            const master_key = await vault.unwrap(record.data.master_key);
-
-            await this._applyChanges(
-                record.id,
-                {secret: await utils.sym_encrypt(master_key, secret, record.data.iv)},
-                options
-            );
-        },
-
-        /**
-         * Generate a new key pair for the current user
-         *
-         * @private
-         */
-        _newVaultKeyPair: async function () {
-            // Get the current private key
-            const private_key = await vault.get_private_key();
-
-            // Generate new keys
-            await vault.generate_keys();
-
-            const public_key = await vault.get_public_key();
-
-            // Re-encrypt the master keys
-            const master_keys = await this._rpc({route: "/vault/rights/get"});
-            let result = {};
-            for (const uuid in master_keys) {
-                result[uuid] = await utils.wrap(
-                    await utils.unwrap(master_keys[uuid], private_key),
-                    public_key
-                );
-            }
-
-            await this._rpc({route: "/vault/rights/store", params: {keys: result}});
-
-            // Re-encrypt the inboxes to not loose it
-            const inbox_keys = await this._rpc({route: "/vault/inbox/get"});
-            result = {};
-            for (const uuid in inbox_keys) {
-                result[uuid] = await utils.wrap(
-                    await utils.unwrap(inbox_keys[uuid], private_key),
-                    public_key
-                );
-            }
-
-            await this._rpc({route: "/vault/inbox/store", params: {keys: result}});
-
-            await this.reload();
-        },
-
-        /**
-         * Generate a new key pair and re-encrypt the master keys of the vaults
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onGenerateKeys: async function (ev) {
-            ev.stopPropagation();
-            if (!utils.supported()) return;
-
-            var self = this;
-
-            Dialog.confirm(
-                self,
-                _t("Do you really want to create a new key pair and set it active?"),
-                {
-                    confirm_callback: function () {
-                        return self._newVaultKeyPair();
-                    },
-                }
-            );
-        },
-
-        /**
-         * Hook into the button to generate new key pairs
-         *
-         * @private
-         */
-        renderButtons: function () {
-            this._super.apply(this, arguments);
-
-            if (this.modelName !== "res.users") return;
-
-            if (this.$buttons)
-                this.$buttons.on(
-                    "click",
-                    "[name='action_generate_key']",
-                    this._onGenerateKeys.bind(this)
-                );
-        },
-
-        /**
-         * Handle changes of vault.right field in the vault view properly by
-         * sharing the master key with the user
-         *
-         * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _changedVaultRightUser: async function (record, changes, options) {
-            if (!changes.data.user_id) return;
-
-            const params = {user_id: changes.data.user_id.id};
-            const user = await this._rpc({route: "/vault/public", params: params});
-
-            if (!user || !user.public_key)
-                throw new TypeError("User has no public key");
-
-            for (const right of record.data.right_ids.data) {
-                if (right.id === changes.id) {
-                    const key = await vault.share(
-                        record.data.master_key,
-                        user.public_key
-                    );
-                    await this._applyChanges(
-                        record.id,
-                        {
-                            right_ids: {
-                                operation: "UPDATE",
-                                id: right.id,
-                                data: {key: key},
-                            },
-                        },
-                        options
-                    );
-                }
-            }
-        },
-
-        _clickReencryptVault: async function () {
-            await this._reencryptVault(false, true);
-        },
-
-        _clickVerifyVault: async function () {
-            await this._reencryptVault(true, false);
-        },
-
-        /**
-         * Handle the deletion of a vault.right field in the vault view properly by
-         * generating a new master key and re-encrypting everything in the vault to
-         * deny any future access to the vault.
-         *
-         * @private
-         * @param {Boolean} verify
-         * @param {Boolean} force
-         */
-        _reencryptVault: async function (verify = false, force = false) {
-            const record = this.model.get(this.handle);
-
-            await vault._ensure_keys();
-
-            const self = this;
-            const master_key = await utils.generate_key();
-            const current_key = await vault.unwrap(record.data.master_key);
-
-            // This stores the additional changes made to rights, fields, and files
-            const changes = [];
-            const problems = [];
-
-            async function reencrypt(model, type) {
-                // Load the entire data from the database
-                const handle = await self.model.load({
-                    context: {vault_reencrypt: true},
-                    domain: [["vault_id", "=", record.res_id]],
-                    fields: ["iv", "value", "name", "entry_name"],
-                    modelName: model,
-                    limit: 0,
-                    type: "list",
-                });
-
-                const records = await self.model.get(handle, {raw: true});
-                for (const rec of records.data) {
-                    if (!rec.data) continue;
-
-                    const d = rec.data;
-                    const val = await utils.sym_decrypt(current_key, d.value, d.iv);
-                    if (val === null) {
-                        problems.push(
-                            _.str.sprintf(
-                                _t("%s '%s' of entry '%s'"),
-                                type,
-                                d.name,
-                                d.entry_name
-                            )
-                        );
-                        continue;
-                    }
-
-                    const iv = utils.generate_iv_base64();
-                    const encrypted = await utils.sym_encrypt(master_key, val, iv);
-
-                    changes.push({
-                        id: rec.res_id,
-                        model: model,
-                        value: encrypted,
-                        iv: iv,
-                    });
-                }
-            }
-
-            framework.blockUI();
-            try {
-                // Update the rights. Load without limit
-                const right_handle = await this.model.load({
-                    domain: [["vault_id", "=", record.res_id]],
-                    fields: ["key"],
-                    modelName: "vault.right",
-                    limit: 0,
-                    type: "list",
-                });
-
-                const rights = await this.model.get(right_handle, {raw: true});
-                for (const right of rights.data) {
-                    const key = await vault.wrap_with(
-                        master_key,
-                        right.data.public_key
-                    );
-
-                    changes.push({
-                        id: right.res_id,
-                        model: "vault.right",
-                        key: key,
-                    });
-                }
-
-                // Re-encrypt vault.field and vault.file
-                await reencrypt("vault.field", "Field");
-                await reencrypt("vault.file", "File");
-
-                if (problems && !force) {
-                    framework.unblockUI();
-
-                    Dialog.alert(self, "", {
-                        title: _t("The following entries are broken:"),
-                        $content: $("<div/>").html(problems.join("<br>\n")),
-                    });
-                }
-
-                if (!verify) {
-                    await this._rpc({
-                        route: "/vault/replace",
-                        params: {data: changes},
-                    });
-                    this.reload();
-                }
-            } finally {
-                framework.unblockUI();
-            }
-        },
-
-        /**
-         * Handle changes to the vault properly and call the specific function for the cases above.
-         * Generate a master key if there is not one yet
-         *
-         * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _applyChangesVault: async function (record, changes, options) {
-            if (!record.data.master_key && !changes.master_key) {
-                const master_key = await vault.wrap(await utils.generate_key());
-                await this._applyChanges(record.id, {master_key: master_key}, options);
-            }
-
-            if (changes.right_ids && changes.right_ids.operation === "UPDATE")
-                await this._changedVaultRightUser(record, changes.right_ids, options);
-        },
-
-        /**
-         * Call the right importer in the import wizard onchange of the content field
-         *
-         * @private
-         * @param {Object} record
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _applyChangesImportWizard: async function (record, changes, options) {
-            if (!changes.content) return;
-
-            // Try to import the file on the fly and store the compatible JSON in the
-            // crypted_content field for the python backend
-            const importer = new Importer();
-            const data = await importer.import(
-                await vault.unwrap(record.data.master_key),
-                record.data.name,
-                atob(changes.content)
-            );
-
-            if (data)
-                await this._applyChanges(
-                    record.id,
-                    {crypted_content: JSON.stringify(data)},
-                    options
-                );
-        },
-
-        /**
-         * Check the model of the form and call the above functions for the right case
-         *
-         * @private
-         * @param {String} dataPointID
-         * @param {Object} changes
-         * @param {Object} options
-         */
-        _applyChanges: async function (dataPointID, changes, options) {
-            const result = await this._super.apply(this, arguments);
-
-            if (!utils.supported()) return result;
-
-            const record = this.model.get(dataPointID);
-            if (record.model === "vault")
-                await this._applyChangesVault(record, changes, options);
-            else if (record.model === "vault.send.wizard")
-                await this._applyChangesSendWizard(record, changes, options);
-            else if (record.model === "vault.store.wizard")
-                await this._applyChangesStoreWizard(record, changes, options);
-            else if (record.model === "vault.import.wizard")
-                await this._applyChangesImportWizard(record, changes, options);
-
-            return result;
-        },
-    });
-});
diff --git a/vault/static/src/legacy/vault_widget.js b/vault/static/src/legacy/vault_widget.js
deleted file mode 100644
index c7478e6fa5..0000000000
--- a/vault/static/src/legacy/vault_widget.js
+++ /dev/null
@@ -1,563 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.fields", function (require) {
-    "use strict";
-
-    const core = require("web.core");
-    const basic_fields = require("web.basic_fields");
-    const download = require("web.download");
-    const Exporter = require("vault.export");
-    const registry = require("web.field_registry");
-    const utils = require("vault.utils");
-    const vault = require("vault");
-
-    const _t = core._t;
-    const QWeb = core.qweb;
-
-    const VaultAbstract = {
-        supported: function () {
-            return utils.supported();
-        },
-        /**
-         * Set the value by encrypting it
-         *
-         * @param {String} value
-         * @param {Object} options
-         * @returns promise for the encryption
-         */
-        _setValue: function (value, options) {
-            const self = this;
-            const _super = this._super;
-
-            if (utils.supported()) {
-                return this._encrypt(value).then(function (data) {
-                    _super.call(self, data, options);
-                });
-            }
-        },
-
-        /**
-         * Set the value of a different field
-         *
-         * @param {String} field
-         * @param {String} value
-         */
-        _setFieldValue: function (field, value) {
-            const data = {};
-            data[field] = value;
-
-            this.trigger_up("field_changed", {
-                dataPointID: this.dataPointID,
-                changes: data,
-            });
-        },
-
-        /**
-         * Extract the IV or generate a new one if needed
-         *
-         * @returns the IV to use
-         */
-        _getIV: function () {
-            if (!utils.supported()) return null;
-
-            // IV already read. Reuse it
-            if (this.iv) return this.iv;
-
-            // Read the IV from the field
-            this.iv = this.recordData[this.field_iv];
-            if (this.iv) return this.iv;
-
-            // Generate a new IV
-            this.iv = utils.generate_iv_base64();
-            this._setFieldValue(this.field_iv, this.iv);
-            return this.iv;
-        },
-
-        /**
-         * Extract the master key of the vault or generate a new one
-         *
-         * @returns the master key to use
-         */
-        _getMasterKey: async function () {
-            if (!utils.supported()) return null;
-
-            // Check if the master key is already extracted
-            if (this.key) return await vault.unwrap(this.key);
-
-            // Get the wrapped master key from the field
-            this.key = this.recordData[this.field_key];
-            if (this.key) return await vault.unwrap(this.key);
-
-            // Generate a new master key and write it to the field
-            const key = await utils.generate_key();
-            this.key = await vault.wrap(key);
-            this._setFieldValue(this.field_key, this.key);
-            return key;
-        },
-
-        /**
-         * Toggle if the value is shown or hidden, and decrypt the value if shown
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onShowValue: async function (ev) {
-            ev.stopPropagation();
-
-            this.decrypted = !this.decrypted;
-            if (this.decrypted) this.decrypted_value = await this._decrypt(this.value);
-            else this.decrypted_value = false;
-
-            this._render();
-        },
-
-        /**
-         * Copy the decrypted value to the clipboard
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onCopyValue: async function (ev) {
-            ev.stopPropagation();
-
-            const value = await this._decrypt(this.value);
-            await navigator.clipboard.writeText(value);
-        },
-
-        /**
-         * Send the value with an internal user
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onSendValue: async function (ev) {
-            ev.stopPropagation();
-
-            const key = await utils.generate_key();
-            const iv = utils.generate_iv_base64();
-            const value = await this._decrypt(this.value);
-
-            this.do_action({
-                type: "ir.actions.act_window",
-                title: _t("Send the secret to another user"),
-                target: "new",
-                res_model: "vault.send.wizard",
-                views: [[false, "form"]],
-                context: {
-                    default_secret: await utils.sym_encrypt(key, value, iv),
-                    default_iv: iv,
-                    default_key: await vault.wrap(key),
-                },
-            });
-        },
-
-        /**
-         * Save the content in an entry of a vault
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onSaveValue: async function (ev) {
-            ev.stopPropagation();
-
-            const key = await utils.generate_key();
-            const iv = utils.generate_iv_base64();
-            const value = await this._decrypt(this.value);
-            const store_model = this.store_model || "vault.field";
-
-            this.do_action({
-                type: "ir.actions.act_window",
-                title: _t("Store the secret in a vault"),
-                target: "new",
-                res_model: "vault.store.wizard",
-                views: [[false, "form"]],
-                context: {
-                    default_model: store_model,
-                    default_secret_temporary: await utils.sym_encrypt(key, value, iv),
-                    default_iv: iv,
-                    default_key: await vault.wrap(key),
-                },
-            });
-        },
-
-        /**
-         * Decrypt data with the master key stored in the vault
-         *
-         * @param {String} data
-         * @returns the decrypted data
-         */
-        _decrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const key = await this._getMasterKey();
-            return await utils.sym_decrypt(key, data, iv);
-        },
-
-        /**
-         * Encrypt data with the master key stored in the vault
-         *
-         * @param {String} data
-         * @returns the encrypted data
-         */
-        _encrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const key = await this._getMasterKey();
-            return await utils.sym_encrypt(key, data, iv);
-        },
-    };
-
-    // Basic field widget of the vault
-    const VaultField = basic_fields.InputField.extend(VaultAbstract, {
-        supportedFieldTypes: ["char"],
-        tagName: "div",
-        events: _.extend({}, basic_fields.InputField.prototype.events, {
-            "click .o_vault_show": "_onShowValue",
-            "click .o_vault_clipboard": "_onCopyValue",
-            "click .o_vault_generate": "_onGenerateValue",
-            "click .o_vault_send": "_onSendValue",
-        }),
-        className: "o_vault o_field_char",
-        template: "FieldVault",
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_key = this.attrs.key || "master_key";
-            this.field_iv = this.attrs.iv || "iv";
-            this.decrypted = false;
-        },
-
-        /**
-         * Generate a secret
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onGenerateValue: async function (ev) {
-            ev.stopPropagation();
-
-            const password = await utils.generate_pass();
-            this.$el.find("input.o_vault_value")[0].value = password;
-            this._setValue(password, {});
-        },
-
-        /**
-         * Render the decrypted value or the stars
-         *
-         * @private
-         */
-        _renderReadonly: function () {
-            this._renderValue(this.decrypted_value || "********");
-        },
-
-        /**
-         * Adapt the maxlength
-         *
-         * @private
-         * @override
-         */
-        _renderEdit: function () {
-            if (this.field.size && this.field.size > 0)
-                this.$el.attr("maxlength", this.field.size);
-            return this._super.apply(this, arguments);
-        },
-
-        /**
-         * Render the decrypted value or the stars
-         *
-         * @private
-         * @param {String} value to render
-         */
-        _renderValue: function (value) {
-            const self = this;
-            this.$el.html(
-                QWeb.render(this.template, {
-                    widget: self,
-                    value: value,
-                    show: !this.decrypted,
-                })
-            );
-        },
-
-        /**
-         * Decrypt the value and show in edit mode
-         *
-         * @private
-         * @param {JQuery} $input
-         * @returns the element
-         */
-        _prepareInput: function ($input) {
-            const self = this;
-            const inputAttrs = {
-                placeholder: self.attrs.placeholder || "",
-                type: "text",
-            };
-            this.$input = $input || $("<input/>");
-            this.$input.addClass("o_input");
-            this.$input.attr(inputAttrs);
-
-            if (utils.supported()) {
-                this._decrypt(this.value).then(function (data) {
-                    self.$input.val(self._formatValue(data));
-                });
-            }
-
-            return this.$input;
-        },
-
-        /**
-         * @override
-         * @returns {String} the content of the input
-         */
-        _getValue: function () {
-            return this.$("input").val();
-        },
-    });
-
-    // Widget used for using encrypted files
-    const VaultFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
-        className: "o_vault",
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_key = this.attrs.key || "master_key";
-            this.field_iv = this.attrs.iv || "iv";
-        },
-
-        /**
-         * Handle on save correctly by decrypting the value before and starting the download
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        on_save_as: async function (ev) {
-            if (!this.value) {
-                this.do_warn(
-                    _t("Save As..."),
-                    _t("The field is empty, there's nothing to save!")
-                );
-                ev.stopPropagation();
-            } else if (this.res_id && utils.supported()) {
-                ev.stopPropagation();
-
-                const filename_fieldname = this.attrs.filename;
-                const base64 = atob(await this._decrypt(this.value));
-                const buffer = new ArrayBuffer(base64.length);
-                const arr = new Uint8Array(buffer);
-                for (let i = 0; i < base64.length; i++) arr[i] = base64.charCodeAt(i);
-
-                const blob = new Blob([arr]);
-                download(blob, this.recordData[filename_fieldname] || "");
-            }
-        },
-    });
-
-    // Widget used for using export
-    const VaultExportFile = basic_fields.FieldBinaryFile.extend(VaultAbstract, {
-        className: "o_vault",
-        events: _.extend({}, basic_fields.AbstractFieldBinary.prototype.events, {
-            click: function (event) {
-                if (this.mode === "readonly" && this.value) this.on_save_as(event);
-            },
-            "click .o_input": function () {
-                this.$(".o_input_file").click();
-            },
-        }),
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_key = this.attrs.key || "master_key";
-        },
-
-        /**
-         * Render the widget always like the normal widget in readonly mode
-         *
-         * @private
-         * @override
-         */
-        _render: function () {
-            if (this.value) {
-                this.$el.empty().append($("<span/>").addClass("fa fa-download"));
-                this.$el.css("cursor", "pointer");
-
-                if (this.filename_value) this.$el.append(" " + this.filename_value);
-            } else this.$el.css("cursor", "not-allowed");
-        },
-
-        /**
-         * Handle on save correctly by decrypting the value before and starting the download
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        on_save_as: async function (ev) {
-            if (this.value && utils.supported()) {
-                ev.stopPropagation();
-
-                const exporter = new Exporter();
-                const content = JSON.stringify(
-                    await exporter.export(
-                        await this._getMasterKey(),
-                        this.filename_value,
-                        this.value
-                    )
-                );
-                const buffer = new ArrayBuffer(content.length);
-                const arr = new Uint8Array(buffer);
-                for (let i = 0; i < content.length; i++) arr[i] = content.charCodeAt(i);
-
-                const blob = new Blob([arr]);
-                download(blob, this.filename_value || "");
-            } else {
-                this.do_warn(
-                    _t("Save As..."),
-                    _t("The field is empty, there's nothing to save!")
-                );
-                ev.stopPropagation();
-            }
-        },
-    });
-
-    const VaultInboxField = VaultField.extend({
-        store_model: "vault.field",
-        events: _.extend({}, VaultField.prototype.events, {
-            "click .o_vault_show": "_onShowValue",
-            "click .o_vault_clipboard": "_onCopyValue",
-            "click .o_vault_save": "_onSaveValue",
-        }),
-        template: "FieldVaultInbox",
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_iv = this.attrs.iv || "iv";
-            this.field_key = this.attrs.key || "key";
-            this.decrypted = false;
-        },
-
-        /**
-         * Decrypt the data with the private key of the vault
-         *
-         * @private
-         * @param {String} data
-         * @returns the decrypted data
-         */
-        _decrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this.recordData[this.field_iv];
-            const wrapped_key = this.recordData[this.field_key];
-
-            if (!iv || !wrapped_key) return false;
-
-            const key = await vault.unwrap(wrapped_key);
-            return await utils.sym_decrypt(key, data, iv);
-        },
-
-        /**
-         * Render the decrypted value or the stars
-         *
-         * @private
-         */
-        _renderEdit: function () {
-            this._renderReadonly();
-        },
-    });
-
-    // Widget used to view shared incoming secrets encrypted with public keys
-    const VaultInboxFile = VaultFile.extend({
-        store_model: "vault.file",
-        template: "FileVaultInbox",
-        events: _.extend({}, VaultFile.prototype.events, {
-            "click .o_vault_save": "_onSaveValue",
-        }),
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_key = this.attrs.key || "key";
-            this.decrypted = false;
-        },
-
-        _renderReadonly: function () {
-            this.do_toggle(Boolean(this.value));
-            if (this.value) {
-                this.$el.html(
-                    QWeb.render(this.template, {
-                        widget: this,
-                        filename: this.filename_value,
-                    })
-                );
-
-                const $el = this.$(".link");
-                if (this.recordData.id) $el.css("cursor", "pointer");
-                else $el.css("cursor", "not-allowed");
-            }
-        },
-
-        /**
-         * Decrypt the data with the private key of the vault
-         *
-         * @private
-         * @param {String} data
-         * @returns the decrypted data
-         */
-        _decrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this.recordData[this.field_iv];
-            const wrapped_key = this.recordData[this.field_key];
-
-            if (!iv || !wrapped_key) return false;
-
-            const key = await vault.unwrap(wrapped_key);
-            return btoa(await utils.sym_decrypt(key, data, iv));
-        },
-    });
-
-    registry.add("vault", VaultField);
-    registry.add("vault_file", VaultFile);
-    registry.add("vault_export", VaultExportFile);
-    registry.add("vault_inbox", VaultInboxField);
-    registry.add("vault_inbox_file", VaultInboxFile);
-
-    return {
-        VaultAbstract: VaultAbstract,
-        VaultField: VaultField,
-        VaultFile: VaultFile,
-        VaultExportFile: VaultExportFile,
-        VaultInboxFile: VaultInboxFile,
-        VaultInboxField: VaultInboxField,
-    };
-});
diff --git a/vault/tests/test_controller.py b/vault/tests/test_controller.py
index adb0f5c947..21e06d2cf9 100644
--- a/vault/tests/test_controller.py
+++ b/vault/tests/test_controller.py
@@ -1,6 +1,7 @@
 # © 2021 Florian Kantelberg - initOS GmbH
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
+import json
 import logging
 from unittest.mock import MagicMock
 
@@ -15,19 +16,20 @@
 
 
 class TestController(TransactionCase):
-    def setUp(self):
-        super().setUp()
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
 
-        self.controller = main.Controller()
+        cls.controller = main.Controller()
 
-        self.user = self.env["res.users"].create(
+        cls.user = cls.env["res.users"].create(
             {"login": "test", "email": "test@test", "name": "test"}
         )
-        self.user.inbox_token = "42"
-        self.user.keys.current = False
-        self.key = self.env["res.users.key"].create(
+        cls.user.inbox_token = "42"
+        cls.user.keys.current = False
+        cls.key = cls.env["res.users.key"].create(
             {
-                "user_id": self.user.id,
+                "user_id": cls.user.id,
                 "public": "a public key",
                 "salt": "42",
                 "iv": "2424",
@@ -36,9 +38,9 @@ def setUp(self):
                 "current": True,
             }
         )
-        self.inbox = self.env["vault.inbox"].create(
+        cls.inbox = cls.env["vault.inbox"].create(
             {
-                "user_id": self.user.id,
+                "user_id": cls.user.id,
                 "name": "Inbox",
                 "key": "4",
                 "iv": "1",
@@ -52,35 +54,38 @@ def setUp(self):
     def test_vault_inbox(self):
         def return_context(template, context):
             self.assertEqual(template, "vault.inbox")
-            return context
+            return json.dumps(context)
+
+        def load(response):
+            return json.loads(response.data)
 
         with MockRequest(self.env) as request_mock:
             request_mock.render = return_context
-            response = self.controller.vault_inbox("")
+            response = load(self.controller.vault_inbox(""))
             self.assertIn("error", response)
 
-            response = self.controller.vault_inbox(self.user.inbox_token)
+            response = load(self.controller.vault_inbox(self.user.inbox_token))
             self.assertNotIn("error", response)
             self.assertEqual(response["public"], self.user.active_key.public)
 
             # Try to eliminate each error step by step
             request_mock.httprequest.method = "POST"
             request_mock.params = {}
-            response = self.controller.vault_inbox(self.user.inbox_token)
+            response = load(self.controller.vault_inbox(self.user.inbox_token))
             self.assertIn("error", response)
 
             request_mock.params["name"] = "test"
-            response = self.controller.vault_inbox(self.user.inbox_token)
+            response = load(self.controller.vault_inbox(self.user.inbox_token))
             self.assertIn("error", response)
 
             request_mock.params.update(
                 {"encrypted": "secret", "encrypted_file": "file"}
             )
-            response = self.controller.vault_inbox(self.user.inbox_token)
+            response = load(self.controller.vault_inbox(self.user.inbox_token))
             self.assertIn("error", response)
 
             request_mock.params["filename"] = "filename"
-            response = self.controller.vault_inbox(self.user.inbox_token)
+            response = load(self.controller.vault_inbox(self.user.inbox_token))
             self.assertIn("error", response)
 
             self.assertEqual(self.inbox.secret, "old secret")
@@ -88,14 +93,14 @@ def return_context(template, context):
 
             # Store something successfully
             request_mock.params.update({"iv": "iv", "key": "key"})
-            response = self.controller.vault_inbox(self.inbox.token)
+            response = load(self.controller.vault_inbox(self.inbox.token))
             self.assertNotIn("error", response)
             self.assertEqual(self.inbox.secret, "secret")
             self.assertEqual(self.inbox.secret_file, b"file")
 
             # Test a duplicate inbox
             self.inbox.copy().token = self.inbox.token
-            response = self.controller.vault_inbox(self.inbox.token)
+            response = load(self.controller.vault_inbox(self.inbox.token))
             self.assertIn("error", response)
 
             def raise_error(*args, **kwargs):
@@ -105,7 +110,7 @@ def raise_error(*args, **kwargs):
             try:
                 request_mock.httprequest.remote_addr = "127.0.0.1"
                 self.env["vault.inbox"]._patch_method("store_in_inbox", raise_error)
-                response = self.controller.vault_inbox(self.user.inbox_token)
+                response = load(self.controller.vault_inbox(self.user.inbox_token))
             finally:
                 self.env["vault.inbox"]._revert_method("store_in_inbox")
 
diff --git a/vault/tests/test_widgets.py b/vault/tests/test_widgets.py
index 3c9d3e871d..3d7d26dda3 100644
--- a/vault/tests/test_widgets.py
+++ b/vault/tests/test_widgets.py
@@ -133,7 +133,7 @@ def test_export(self):
         wiz = self.env["vault.export.wizard"].create({"vault_id": self.vault.id})
 
         # Export without entry should export entire vault
-        wiz._change_content()
+        wiz._onchange_content()
         entries = json.loads(wiz.content)
         self.assertEqual({e["uuid"] for e in entries}, {second.uuid, self.entry.uuid})
         self.assertEqual(len(entries), 2)
@@ -141,7 +141,7 @@ def test_export(self):
         wiz.entry_id = self.entry
 
         # Export the entire tree
-        wiz._change_content()
+        wiz._onchange_content()
         entries = json.loads(wiz.content)
         self.assertEqual(len(entries), 1)
         self.assertEqual(entries[0]["uuid"], self.entry.uuid)
@@ -149,7 +149,7 @@ def test_export(self):
 
         # Skip exporting childs
         wiz.include_childs = False
-        wiz._change_content()
+        wiz._onchange_content()
         entries = json.loads(wiz.content)
         self.assertEqual(len(entries), 1)
         self.assertEqual(entries[0]["uuid"], self.entry.uuid)
diff --git a/vault/views/res_users_views.xml b/vault/views/res_users_views.xml
index 11799f7d06..cbf44e6cd9 100644
--- a/vault/views/res_users_views.xml
+++ b/vault/views/res_users_views.xml
@@ -37,7 +37,7 @@
                 </sheet>
                 <footer>
                     <button
-                        name="action_generate_key"
+                        name="vault_generate_key"
                         string="New private key"
                         class="btn-primary"
                     />
diff --git a/vault/views/vault_entry_views.xml b/vault/views/vault_entry_views.xml
index 738f520252..abe258eda5 100644
--- a/vault/views/vault_entry_views.xml
+++ b/vault/views/vault_entry_views.xml
@@ -88,7 +88,7 @@
                                     <field name="name" />
                                     <field
                                         name="value"
-                                        widget="vault"
+                                        widget="vault_field"
                                         type="field_type"
                                     />
                                     <field name="write_date" />
diff --git a/vault/views/vault_inbox_views.xml b/vault/views/vault_inbox_views.xml
index 0dd4e293c9..9b9f1b0b90 100644
--- a/vault/views/vault_inbox_views.xml
+++ b/vault/views/vault_inbox_views.xml
@@ -13,7 +13,7 @@
     <record id="view_vault_inbox_form" model="ir.ui.view">
         <field name="model">vault.inbox</field>
         <field name="arch" type="xml">
-            <form>
+            <form create="false">
                 <sheet>
                     <field name="user_id" invisible="1" />
                     <field name="iv" invisible="1" />
@@ -26,14 +26,14 @@
                         <field name="expiration" />
                         <field
                             name="secret"
-                            widget="vault_inbox"
+                            widget="vault_inbox_field"
                             attrs="{'invisible': [('secret', '=', False)]}"
                         />
                         <field
                             name="secret_file"
                             filename="filename"
                             widget="vault_inbox_file"
-                            attrs="{'invisible': [('secret', '=', False)]}"
+                            attrs="{'invisible': [('secret_file', '=', False)]}"
                         />
                     </group>
 
diff --git a/vault/wizards/vault_export_wizard.py b/vault/wizards/vault_export_wizard.py
index 8b68c58963..858bfa2d0e 100644
--- a/vault/wizards/vault_export_wizard.py
+++ b/vault/wizards/vault_export_wizard.py
@@ -24,21 +24,28 @@ class ExportWizard(models.TransientModel):
     include_childs = fields.Boolean(default=True)
 
     @api.onchange("vault_id", "entry_id")
-    def _change_content(self):
+    def _onchange_content(self):
         for rec in self.with_context(skip_log=True):
-            if rec.entry_id:
-                entries = rec.entry_id
-            else:
-                entries = rec.vault_id.entry_ids.filtered_domain(
-                    [("parent_id", "=", False)]
-                )
-
-            data = [rec._export_entry(x) for x in entries]
-            rec.content = json.dumps(data)
+            rec.content = self._export_content(
+                rec.vault_id,
+                rec.entry_id,
+                rec.include_childs,
+            )
 
     def _default_name(self):
         return datetime.now().strftime("database-%Y%m%d-%H%M.json")
 
+    def _export_content(self, vault=None, entry=None, include_childs=False):
+        if entry:
+            entries = entry
+        elif vault:
+            entries = vault.entry_ids.filtered_domain([("parent_id", "=", False)])
+        else:
+            return json.dumps([])
+
+        data = [self._export_entry(x, include_childs) for x in entries]
+        return json.dumps(data)
+
     @api.model
     def _export_field(self, rec):
         def ensure_string(x):
@@ -46,9 +53,10 @@ def ensure_string(x):
 
         return {f: ensure_string(rec[f]) for f in ["name", "iv", "value"]}
 
-    def _export_entry(self, entry):
-        if self.include_childs:
-            childs = [self._export_entry(x) for x in entry.child_ids]
+    @api.model
+    def _export_entry(self, entry, include_childs=False):
+        if include_childs:
+            childs = [self._export_entry(x, include_childs) for x in entry.child_ids]
         else:
             childs = []
 
diff --git a/vault/wizards/vault_export_wizard.xml b/vault/wizards/vault_export_wizard.xml
index 9df1ab15b8..71c043569a 100644
--- a/vault/wizards/vault_export_wizard.xml
+++ b/vault/wizards/vault_export_wizard.xml
@@ -13,7 +13,7 @@
                     <group>
                         <field
                             name="content"
-                            widget="vault_export"
+                            widget="vault_export_file"
                             filename="name"
                             readonly="1"
                         />
diff --git a/vault/wizards/vault_send_wizard.py b/vault/wizards/vault_send_wizard.py
index d4bac22cd9..c4a6ff491a 100644
--- a/vault/wizards/vault_send_wizard.py
+++ b/vault/wizards/vault_send_wizard.py
@@ -4,6 +4,7 @@
 import logging
 
 from odoo import _, fields, models
+from odoo.exceptions import ValidationError
 
 _logger = logging.getLogger(__name__)
 
@@ -23,7 +24,7 @@ class VaultSendWizard(models.TransientModel):
     iv = fields.Char(required=True)
     key_user = fields.Char(required=True)
     key = fields.Char(required=True)
-    secret = fields.Char(required=True)
+    secret = fields.Char()
     secret_file = fields.Char()
     filename = fields.Char()
 
@@ -36,6 +37,9 @@ class VaultSendWizard(models.TransientModel):
     ]
 
     def action_send(self):
+        if not self.secret and not self.secret_file:
+            raise ValidationError(_("Neither a secret nor file was given"))
+
         self.ensure_one()
         self.env["vault.inbox"].sudo().create(
             {
diff --git a/vault_share/README.rst b/vault_share/README.rst
deleted file mode 100644
index d67eb4e4f5..0000000000
--- a/vault_share/README.rst
+++ /dev/null
@@ -1,81 +0,0 @@
-=============
-Vault - Share
-=============
-
-.. 
-   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! This file is generated by oca-gen-addon-readme !!
-   !! changes will be overwritten.                   !!
-   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:862181a2970df8e6c6143d187b9f24e63434f9c444c014c899076101d749be59
-   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-
-.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
-    :target: https://odoo-community.org/page/development-status
-    :alt: Beta
-.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
-    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
-    :alt: License: AGPL-3
-.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
-    :target: https://github.com/OCA/server-auth/tree/15.0/vault_share
-    :alt: OCA/server-auth
-.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share
-    :alt: Translate me on Weblate
-.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
-    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=15.0
-    :alt: Try me on Runboat
-
-|badge1| |badge2| |badge3| |badge4| |badge5|
-
-This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.
-
-Share
-=====
-
-This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn't be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.
-
-**Table of contents**
-
-.. contents::
-   :local:
-
-Bug Tracker
-===========
-
-Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
-In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us to smash it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
-
-Do not contact contributors directly about support or help with technical issues.
-
-Credits
-=======
-
-Authors
-~~~~~~~
-
-* initOS GmbH
-
-Contributors
-~~~~~~~~~~~~
-
-* Florian Kantelberg <florian.kantelberg@initos.com>
-
-Maintainers
-~~~~~~~~~~~
-
-This module is maintained by the OCA.
-
-.. image:: https://odoo-community.org/logo.png
-   :alt: Odoo Community Association
-   :target: https://odoo-community.org
-
-OCA, or the Odoo Community Association, is a nonprofit organization whose
-mission is to support the collaborative development of Odoo features and
-promote its widespread use.
-
-This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/15.0/vault_share>`_ project on GitHub.
-
-You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/vault_share/__init__.py b/vault_share/__init__.py
deleted file mode 100644
index 05ae53c8cb..0000000000
--- a/vault_share/__init__.py
+++ /dev/null
@@ -1,4 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-from . import controllers, models
diff --git a/vault_share/__manifest__.py b/vault_share/__manifest__.py
deleted file mode 100644
index 5af9ada04d..0000000000
--- a/vault_share/__manifest__.py
+++ /dev/null
@@ -1,39 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-{
-    "name": "Vault - Share",
-    "summary": "Implementation of a mechanism to share secrets",
-    "license": "AGPL-3",
-    "version": "15.0.1.1.1",
-    "website": "https://github.com/OCA/server-auth",
-    "application": False,
-    "author": "initOS GmbH, Odoo Community Association (OCA)",
-    "category": "Vault",
-    "depends": ["vault"],
-    "data": [
-        "data/ir_cron.xml",
-        "security/ir.model.access.csv",
-        "security/ir_rule.xml",
-        "views/menuitems.xml",
-        "views/res_config_settings_views.xml",
-        "views/templates.xml",
-        "views/vault_share_views.xml",
-    ],
-    "assets": {
-        "web.assets_backend": [
-            "vault_share/static/src/common/**/*.js",
-            "vault_share/static/src/backend/**/*.js",
-            "vault_share/static/src/backend/**/*.scss",
-            "vault_share/static/src/legacy/vault_fields.js",
-            "vault_share/static/src/legacy/vault_share_widget.js",
-        ],
-        "vault_share.assets_frontend": [
-            "vault/static/src/common/*.js",
-            "vault_share/static/src/frontend/*.js",
-        ],
-        "web.assets_qweb": [
-            "vault_share/static/src/backend/**/*.xml",
-        ],
-    },
-}
diff --git a/vault_share/controllers/__init__.py b/vault_share/controllers/__init__.py
deleted file mode 100644
index aabfa83edd..0000000000
--- a/vault_share/controllers/__init__.py
+++ /dev/null
@@ -1,4 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-from . import main
diff --git a/vault_share/controllers/main.py b/vault_share/controllers/main.py
deleted file mode 100644
index e51f703cbf..0000000000
--- a/vault_share/controllers/main.py
+++ /dev/null
@@ -1,35 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import logging
-
-from odoo import _, http
-from odoo.http import request
-
-_logger = logging.getLogger(__name__)
-
-
-class Controller(http.Controller):
-    @http.route("/vault/share/<string:token>", type="http", auth="public")
-    def vault_share(self, token):
-        ctx = {"disable_footer": True, "token": token}
-        share = request.env["vault.share"].sudo()
-        secret = share.get(token, ip=request.httprequest.remote_addr)
-        if secret is None:
-            ctx["error"] = _("The secret expired")
-            return request.render("vault_share.share", ctx)
-
-        if len(secret) != 1:
-            ctx["error"] = _("Invalid token")
-            return request.render("vault_share.share", ctx)
-
-        ctx.update(
-            {
-                "encrypted": secret.secret,
-                "salt": secret.salt,
-                "iv": secret.iv,
-                "encrypted_file": secret.secret_file,
-                "filename": secret.filename,
-            }
-        )
-        return request.render("vault_share.share", ctx)
diff --git a/vault_share/data/ir_cron.xml b/vault_share/data/ir_cron.xml
deleted file mode 100644
index 362e5c1905..0000000000
--- a/vault_share/data/ir_cron.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo noupdate="1">
-    <record id="cron_share_clean" model="ir.cron">
-        <field name="name">Clean outgoing share</field>
-        <field name="model_id" ref="model_vault_share" />
-        <field name="state">code</field>
-        <field name="code">model.clean()</field>
-        <field name="interval_number">1</field>
-        <field name="interval_type">minutes</field>
-        <field name="numbercall">-1</field>
-        <field name="active" eval="True" />
-    </record>
-</odoo>
diff --git a/vault_share/i18n/es.po b/vault_share/i18n/es.po
deleted file mode 100644
index a73a93b1cb..0000000000
--- a/vault_share/i18n/es.po
+++ /dev/null
@@ -1,296 +0,0 @@
-# Translation of Odoo Server.
-# This file contains the translation of the following modules:
-# 	* vault_share
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: Odoo Server 13.0\n"
-"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-06-06 07:44+0000\n"
-"PO-Revision-Date: 2023-10-30 21:37+0000\n"
-"Last-Translator: Ivorra78 <informatica@totmaterial.es>\n"
-"Language-Team: \n"
-"Language: es\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 4.17\n"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
-msgid "Access counter"
-msgstr "Contador de acceso"
-
-#. module: vault_share
-#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
-#: model:ir.cron,cron_name:vault_share.cron_share_clean
-#: model:ir.cron,name:vault_share.cron_share_clean
-msgid "Clean outgoing share"
-msgstr "Limpiar recurso compartido externo"
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_company
-msgid "Companies"
-msgstr "Compañías"
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_config_settings
-msgid "Config Settings"
-msgstr "Opciones de Configuración"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
-msgid "Created by"
-msgstr "Creado por"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
-msgid "Created on"
-msgstr "Creado el"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Days"
-msgstr "Días"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Delay the deletion of shares"
-msgstr "Retrasar el borrado de recursos compartidos"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
-msgid "Delayed Deletion"
-msgstr "Retrasar borrado"
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
-msgid ""
-"Delays the deletion of a share. After the expiration date it continues to "
-"stay inaccessible"
-msgstr ""
-"Retrasa la eliminación de un recurso compartido. Después de la fecha de "
-"caducidad sigue siendo inaccesible"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
-msgid "Display Name"
-msgstr "Nombre a mostrar"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Enter the pin:"
-msgstr "Ingresa el pin:"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
-msgid "Expiration"
-msgstr "Expiración"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
-msgid "Filename"
-msgstr "Nombre del fichero"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
-msgid "ID"
-msgstr "ID"
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "Invalid token"
-msgstr "Token inválido"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
-msgid "Iv"
-msgstr "Iv"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
-msgid "Last Modified on"
-msgstr "Última modificación el"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
-msgid "Last Updated by"
-msgstr "Última modificación por"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
-msgid "Last Updated on"
-msgstr "Última actualización en"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
-msgid "Log"
-msgstr "Registro"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
-msgid "Name"
-msgstr "Nombre"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
-#, python-format
-msgid "No value found"
-msgstr "No se ha encontrado ningún valor"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
-msgid "Pin"
-msgstr "Pin"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
-msgid "Salt"
-msgstr "Sal"
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Save in a vault"
-msgstr "Guardar en un vault"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
-msgid "Secret"
-msgstr "Secreto"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
-msgid "Secret File"
-msgstr "Archivo de secretos"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
-msgid "Share"
-msgstr "Compartir"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
-msgid "Share URL"
-msgstr "Compartir url"
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
-#, python-format
-msgid "Share the secret"
-msgstr "Compartir el secreto"
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Share the secret with an external user"
-msgstr "Compartir el secreto con usuario externo"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared file:"
-msgstr "Archivo compartido:"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared secret:"
-msgstr "Secreto compartido:"
-
-#. module: vault_share
-#: model:ir.actions.act_window,name:vault_share.action_vault_share
-#: model:ir.ui.menu,name:vault_share.menu_vault_share
-msgid "Shares"
-msgstr "Recursos compartidos"
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
-msgid "Specifies how long a share can be accessed until deletion."
-msgstr ""
-"Especifica el tiempo que se puede acceder a un recurso compartido hasta su "
-"eliminación."
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
-msgid "Specifies how often a share can be accessed before deletion."
-msgstr ""
-"Especifica la frecuencia con la que se puede acceder a un recurso compartido "
-"antes de eliminarlo."
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__pin
-msgid "The pin needed to decrypt the share."
-msgstr "El pin necesario para descifrar el recurso compartido."
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "The secret expired"
-msgstr "El secreto ha expirado"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was accessed by %(name)s via %(ip)s"
-msgstr "%(name)s ha accedido a la acción a través de %(ip)s"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was created by %(name)s"
-msgstr "La acción fue creada por %(name)s"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
-msgid "Token"
-msgstr "Token"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
-msgid "User"
-msgstr "Usuario"
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
-msgid "Using this link and pin people can access the secret."
-msgstr "Utilizando este enlace y el pin la gente puede acceder al secreto."
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
-msgid "Vault Share Delay"
-msgstr "Retraso de la Acción de la Bóveda"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share_log.py:0
-#: model:ir.model,name:vault_share.model_vault_share_log
-#, python-format
-msgid "Vault share log"
-msgstr "Registro de compartición de la bóveda"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model,name:vault_share.model_vault_share
-#, python-format
-msgid "Vault share outgoing secrets"
-msgstr "La bóveda comparte secretos de salida"
-
-#, python-format
-#~ msgid "The share was accessed by %s via %s"
-#~ msgstr "El recurso compartido fue accedido por %s a través de %s"
-
-#, python-format
-#~ msgid "The share was created by %s"
-#~ msgstr "El recurso compartido fue creado por %s"
diff --git a/vault_share/i18n/nl.po b/vault_share/i18n/nl.po
deleted file mode 100644
index 5ea11a1ac3..0000000000
--- a/vault_share/i18n/nl.po
+++ /dev/null
@@ -1,281 +0,0 @@
-# Translation of Odoo Server.
-# This file contains the translation of the following modules:
-# 	* vault_share
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: Odoo Server 15.0\n"
-"Report-Msgid-Bugs-To: \n"
-"PO-Revision-Date: 2023-05-05 13:33+0000\n"
-"Last-Translator: Bosd <c5e2fd43-d292-4c90-9d1f-74ff3436329a@anonaddy.me>\n"
-"Language-Team: none\n"
-"Language: nl\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: \n"
-"Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 4.14.1\n"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
-msgid "Access counter"
-msgstr "Toegangsteller"
-
-#. module: vault_share
-#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
-#: model:ir.cron,cron_name:vault_share.cron_share_clean
-#: model:ir.cron,name:vault_share.cron_share_clean
-msgid "Clean outgoing share"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_company
-msgid "Companies"
-msgstr "Bedrijven"
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_config_settings
-msgid "Config Settings"
-msgstr "Configuratie-instellingen"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
-msgid "Created by"
-msgstr "Aangemaakt door"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
-msgid "Created on"
-msgstr "Aangemaakt op"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Days"
-msgstr "Dagen"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Delay the deletion of shares"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
-msgid "Delayed Deletion"
-msgstr "Uitgestelde verwijdering"
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
-msgid ""
-"Delays the deletion of a share. After the expiration date it continues to "
-"stay inaccessible"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
-msgid "Display Name"
-msgstr "Schermnaam"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Enter the pin:"
-msgstr "Voer de pincode in:"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
-msgid "Expiration"
-msgstr "Vervaldatum"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
-msgid "Filename"
-msgstr "Bestandsnaam"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
-msgid "ID"
-msgstr "ID"
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "Invalid token"
-msgstr "Ongeldige token"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
-msgid "Iv"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
-msgid "Last Modified on"
-msgstr "Laatst gewijzigd op"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
-msgid "Last Updated by"
-msgstr "Laatst bijgewerkt door"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
-msgid "Last Updated on"
-msgstr "Laatst bijgewerkt op"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
-msgid "Log"
-msgstr "Log"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
-msgid "Name"
-msgstr "Naam"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
-#, python-format
-msgid "No value found"
-msgstr "Geen waarde gevonden"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
-msgid "Pin"
-msgstr "Pin"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
-msgid "Salt"
-msgstr ""
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Save in a vault"
-msgstr "Opslaan in een kluis"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
-msgid "Secret"
-msgstr "Geheim"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
-msgid "Secret File"
-msgstr "Secret File"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
-msgid "Share"
-msgstr "Delen"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
-msgid "Share URL"
-msgstr "Share URL"
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
-#, python-format
-msgid "Share the secret"
-msgstr "Deel het geheim"
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Share the secret with an external user"
-msgstr "Het geheim delen met een externe gebruiker"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared file:"
-msgstr "Gedeeld bestand:"
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared secret:"
-msgstr "Gedeeld geheim:"
-
-#. module: vault_share
-#: model:ir.actions.act_window,name:vault_share.action_vault_share
-#: model:ir.ui.menu,name:vault_share.menu_vault_share
-msgid "Shares"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
-msgid "Specifies how long a share can be accessed until deletion."
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
-msgid "Specifies how often a share can be accessed before deletion."
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__pin
-msgid "The pin needed to decrypt the share."
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "The secret expired"
-msgstr "Het geheim is verlopen"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was accessed by %(name)s via %(ip)s"
-msgstr "Het record werd geopend door %(name)s via %(ip)s"
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was created by %(name)s"
-msgstr "Het record is gemaakt door %(name)s"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
-msgid "Token"
-msgstr "Token"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
-msgid "User"
-msgstr "Gebruiker"
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
-msgid "Using this link and pin people can access the secret."
-msgstr "Met deze link en pin kunnen mensen toegang krijgen tot het geheim."
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
-msgid "Vault Share Delay"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share_log.py:0
-#: model:ir.model,name:vault_share.model_vault_share_log
-#, python-format
-msgid "Vault share log"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model,name:vault_share.model_vault_share
-#, python-format
-msgid "Vault share outgoing secrets"
-msgstr ""
diff --git a/vault_share/i18n/vault_share.pot b/vault_share/i18n/vault_share.pot
deleted file mode 100644
index 9556dfab0d..0000000000
--- a/vault_share/i18n/vault_share.pot
+++ /dev/null
@@ -1,282 +0,0 @@
-# Translation of Odoo Server.
-# This file contains the translation of the following modules:
-# 	* vault_share
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: Odoo Server 15.0\n"
-"Report-Msgid-Bugs-To: \n"
-"Last-Translator: \n"
-"Language-Team: \n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: \n"
-"Plural-Forms: \n"
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__accesses
-msgid "Access counter"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.actions.server,name:vault_share.cron_share_clean_ir_actions_server
-#: model:ir.cron,cron_name:vault_share.cron_share_clean
-#: model:ir.cron,name:vault_share.cron_share_clean
-msgid "Clean outgoing share"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_company
-msgid "Companies"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model,name:vault_share.model_res_config_settings
-msgid "Config Settings"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_uid
-msgid "Created by"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__create_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__create_date
-msgid "Created on"
-msgstr ""
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Days"
-msgstr ""
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.res_config_settings_view_form
-msgid "Delay the deletion of shares"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_config_settings__vault_share_delay
-msgid "Delayed Deletion"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_res_config_settings__vault_share_delay
-msgid ""
-"Delays the deletion of a share. After the expiration date it continues to "
-"stay inaccessible"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__display_name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__display_name
-msgid "Display Name"
-msgstr ""
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Enter the pin:"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__expiration
-msgid "Expiration"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__filename
-msgid "Filename"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__id
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__id
-msgid "ID"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "Invalid token"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__iv
-msgid "Iv"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share____last_update
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log____last_update
-msgid "Last Modified on"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_uid
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_uid
-msgid "Last Updated by"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__write_date
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__write_date
-msgid "Last Updated on"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__log_ids
-msgid "Log"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__name
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__name
-msgid "Name"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model.constraint,message:vault_share.constraint_vault_share_value_check
-#, python-format
-msgid "No value found"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__pin
-msgid "Pin"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__salt
-msgid "Salt"
-msgstr ""
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Save in a vault"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret
-msgid "Secret"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__secret_file
-msgid "Secret File"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share_log__share_id
-msgid "Share"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__share_link
-msgid "Share URL"
-msgstr ""
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/legacy/vault_fields.js:0
-#, python-format
-msgid "Share the secret"
-msgstr ""
-
-#. module: vault_share
-#. openerp-web
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#: code:addons/vault_share/static/src/backend/templates.xml:0
-#, python-format
-msgid "Share the secret with an external user"
-msgstr ""
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared file:"
-msgstr ""
-
-#. module: vault_share
-#: model_terms:ir.ui.view,arch_db:vault_share.share
-msgid "Shared secret:"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.actions.act_window,name:vault_share.action_vault_share
-#: model:ir.ui.menu,name:vault_share.menu_vault_share
-msgid "Shares"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__expiration
-msgid "Specifies how long a share can be accessed until deletion."
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__accesses
-msgid "Specifies how often a share can be accessed before deletion."
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__pin
-msgid "The pin needed to decrypt the share."
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/controllers/main.py:0
-#, python-format
-msgid "The secret expired"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was accessed by %(name)s via %(ip)s"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#, python-format
-msgid "The share was created by %(name)s"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__token
-msgid "Token"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_vault_share__user_id
-msgid "User"
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,help:vault_share.field_vault_share__share_link
-msgid "Using this link and pin people can access the secret."
-msgstr ""
-
-#. module: vault_share
-#: model:ir.model.fields,field_description:vault_share.field_res_company__vault_share_delay
-msgid "Vault Share Delay"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share_log.py:0
-#: model:ir.model,name:vault_share.model_vault_share_log
-#, python-format
-msgid "Vault share log"
-msgstr ""
-
-#. module: vault_share
-#: code:addons/vault_share/models/vault_share.py:0
-#: model:ir.model,name:vault_share.model_vault_share
-#, python-format
-msgid "Vault share outgoing secrets"
-msgstr ""
diff --git a/vault_share/models/__init__.py b/vault_share/models/__init__.py
deleted file mode 100644
index e6b947e32a..0000000000
--- a/vault_share/models/__init__.py
+++ /dev/null
@@ -1,4 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-from . import res_company, res_config_settings, vault_share, vault_share_log
diff --git a/vault_share/models/res_company.py b/vault_share/models/res_company.py
deleted file mode 100644
index 8eac8cd823..0000000000
--- a/vault_share/models/res_company.py
+++ /dev/null
@@ -1,10 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-from odoo import fields, models
-
-
-class RecCompany(models.Model):
-    _inherit = "res.company"
-
-    vault_share_delay = fields.Integer(default=0)
diff --git a/vault_share/models/res_config_settings.py b/vault_share/models/res_config_settings.py
deleted file mode 100644
index 15b04def40..0000000000
--- a/vault_share/models/res_config_settings.py
+++ /dev/null
@@ -1,24 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import logging
-
-from odoo import api, fields, models
-
-_logger = logging.getLogger(__name__)
-
-
-class ResConfigSettings(models.TransientModel):
-    _inherit = "res.config.settings"
-
-    vault_share_delay = fields.Integer(
-        string="Delayed Deletion",
-        related="company_id.vault_share_delay",
-        readonly=False,
-        help="Delays the deletion of a share. After the expiration date it continues "
-        "to stay inaccessible",
-    )
-
-    @api.onchange("vault_share_delay")
-    def _on_change_mins(self):
-        self.vault_share_delay = max(0, self.vault_share_delay)
diff --git a/vault_share/models/vault_share.py b/vault_share/models/vault_share.py
deleted file mode 100644
index 4b0f119f8a..0000000000
--- a/vault_share/models/vault_share.py
+++ /dev/null
@@ -1,84 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import logging
-from datetime import datetime, timedelta
-from uuid import uuid4
-
-from odoo import _, api, fields, models
-
-_logger = logging.getLogger(__name__)
-
-
-class VaultShare(models.Model):
-    _name = "vault.share"
-    _description = _("Vault share outgoing secrets")
-
-    user_id = fields.Many2one("res.users", default=lambda self: self.env.uid)
-    name = fields.Char(required=True)
-    share_link = fields.Char(
-        "Share URL",
-        compute="_compute_url",
-        store=False,
-        help="Using this link and pin people can access the secret.",
-    )
-    token = fields.Char(readonly=True, required=True, default=lambda self: uuid4())
-    secret = fields.Char()
-    secret_file = fields.Char()
-    filename = fields.Char()
-    salt = fields.Char(required=True)
-    iv = fields.Char(required=True)
-    pin = fields.Char(required=True, help="The pin needed to decrypt the share.")
-    accesses = fields.Integer(
-        "Access counter",
-        default=5,
-        help="Specifies how often a share can be accessed before deletion.",
-    )
-    expiration = fields.Datetime(
-        default=lambda self: datetime.now() + timedelta(days=7),
-        help="Specifies how long a share can be accessed until deletion.",
-    )
-    log_ids = fields.One2many("vault.share.log", "share_id", "Log", readonly=True)
-
-    _sql_constraints = [
-        (
-            "value_check",
-            "CHECK(secret IS NOT NULL OR secret_file IS NOT NULL)",
-            _("No value found"),
-        ),
-    ]
-
-    @api.depends("token")
-    def _compute_url(self):
-        base_url = self.env["ir.config_parameter"].sudo().get_param("web.base.url")
-        for rec in self:
-            rec.share_link = f"{base_url}/vault/share/{rec.token}"
-
-    @api.model
-    def get(self, token, ip=None):
-        rec = self.search([("token", "=", token)], limit=1)
-        if not rec:
-            return rec
-
-        if datetime.now() < rec.expiration and rec.accesses > 0:
-            rec.accesses -= 1
-            log = _("The share was accessed by %(name)s via %(ip)s")
-            rec.log_ids = [
-                (0, 0, {"name": log % {"name": self.env.user.name, "ip": ip or "n/a"}})
-            ]
-            return rec
-
-        return None
-
-    @api.model
-    def create(self, vals):
-        rec = super().create(vals)
-        log = _("The share was created by %(name)s")
-        rec.log_ids = [(0, 0, {"name": log % {"name": self.env.user.name}})]
-        return rec
-
-    @api.model
-    def clean(self):
-        now = datetime.now()
-        offset = timedelta(days=self.env.company.vault_share_delay)
-        self.search([("expiration", "<=", now + offset)]).unlink()
diff --git a/vault_share/models/vault_share_log.py b/vault_share/models/vault_share_log.py
deleted file mode 100644
index c8c2ef047e..0000000000
--- a/vault_share/models/vault_share_log.py
+++ /dev/null
@@ -1,22 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import logging
-
-from odoo import _, fields, models
-
-_logger = logging.getLogger(__name__)
-
-
-class VaultShareLog(models.Model):
-    _name = "vault.share.log"
-    _description = _("Vault share log")
-    _order = "create_date DESC"
-
-    share_id = fields.Many2one(
-        "vault.share",
-        ondelete="cascade",
-        readonly=True,
-        required=True,
-    )
-    name = fields.Char(readonly=True)
diff --git a/vault_share/readme/CONTRIBUTORS.rst b/vault_share/readme/CONTRIBUTORS.rst
deleted file mode 100644
index e202826121..0000000000
--- a/vault_share/readme/CONTRIBUTORS.rst
+++ /dev/null
@@ -1 +0,0 @@
-* Florian Kantelberg <florian.kantelberg@initos.com>
diff --git a/vault_share/readme/DESCRIPTION.rst b/vault_share/readme/DESCRIPTION.rst
deleted file mode 100644
index 51e526ca52..0000000000
--- a/vault_share/readme/DESCRIPTION.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.
-
-Share
-=====
-
-This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn't be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.
diff --git a/vault_share/security/ir.model.access.csv b/vault_share/security/ir.model.access.csv
deleted file mode 100644
index 54569a817c..0000000000
--- a/vault_share/security/ir.model.access.csv
+++ /dev/null
@@ -1,3 +0,0 @@
-id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
-access_vault_share,access_vault_share,model_vault_share,base.group_user,1,1,1,1
-access_vault_share_log,access_vault_share_log,model_vault_share_log,base.group_user,1,1,1,1
diff --git a/vault_share/security/ir_rule.xml b/vault_share/security/ir_rule.xml
deleted file mode 100644
index e9a1dc2576..0000000000
--- a/vault_share/security/ir_rule.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <record id="vault_share_owner" model="ir.rule">
-        <field name="name">vault.share.access.owner</field>
-        <field name="model_id" ref="vault_share.model_vault_share" />
-        <field name="domain_force">[('user_id', '=', user.id)]</field>
-        <field name="perm_create" eval="1" />
-        <field name="perm_write" eval="1" />
-        <field name="perm_unlink" eval="1" />
-        <field name="perm_read" eval="1" />
-    </record>
-
-    <record id="vault_share_log_owner" model="ir.rule">
-        <field name="name">vault.share.log.access.owner</field>
-        <field name="model_id" ref="vault_share.model_vault_share_log" />
-        <field name="domain_force">[('share_id.user_id', '=', user.id)]</field>
-        <field name="perm_create" eval="1" />
-        <field name="perm_write" eval="1" />
-        <field name="perm_unlink" eval="1" />
-        <field name="perm_read" eval="1" />
-    </record>
-</odoo>
diff --git a/vault_share/static/description/icon.png b/vault_share/static/description/icon.png
deleted file mode 100644
index a0c9035d9b2247bbe8008a1601aafb0524a2c13d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2287
zcmV<L2oU#)P)<h;3K|Lk000e1NJLTq002e+002e^1^@s6aW3M700004b3#c}2nYxW
zd<bNS000Q4Nkl<Zc%1E<U2Ggz6~})wyZ*{zJ8_7e=EENfF^Sr`F0E6<M};Z`qJ;-O
z6iU(}QBXsicV2k|#1jvoiU&|Zsz69kRSho)s7MtsZAgT0qR=L!NgVR!HU3<$cW3tU
zFn8wOJ2PwV?Cv;-?7WP}bI!Tv{O|vsbLL*#LS8?5{bwTA+f7?XI{=pdLjGh~Amm;B
zUMNY+d$zEYoc3B%l#k(OUtB7N-s^h0AHjI0yAcNrzYK%ktz0g%GQY&vpZt;){Q8G~
zctzZtze}N9#I3m6;Nf6Rrwu1X)M;JLaMH36hya{GkFXxvxKd6iy<jqoXKl(9dYT`;
zVPV9Xu`RmVIvL1q=Y{dlS=RS|^^&+=%14~l2dUTDKu$#UBF++{7n%f<pdsc2;Ku0b
z&tc|harr;&bh@$UMFA|l;E;oZhp0qeEfWwz4laZgQ^EKG7M7F?6wF|ezT$!E|H5F7
zkUt6EtS~{5{`mt3&jtumPm9Z&d<_(#;*vnH+*ZOaxFx8lAgkWR`tL13Y-Fdhv7HUy
z*D_8OJA~g?v9n4E+i@K|leL&5z^w>u1JM?9g1fDd5-sLv%rO|#VvfNWiDip926JK=
z(_)Um4v=awN51v&u-B{S_cL>B2{A3^n9NZ*ro|kCIkrNO7IOk{;;K@MIWos+2)CG{
zn3D|<)Am(_27=meiONxl(UW&{JLqy@yB4CN>1A>}uwyU7TX(UmyOXX=7Th9BYjfPV
zd!2Xkvn*AFniO9TwVxF0ha4xY7x72h$qLkr>p~`Tf~oUnHnKUT>G@NqF~Zmh6!JOb
zbY{z54juR?Pwp9Hpq=<@6e#DpJad-cT|CdfN)^qI80J{<aT)&0xO6*M7S{2fd|UX!
z2A%Xl^k=PY4)jD=FTA6t>?k?kr%s0Uf10m6e2{@m6+q&y@*L;RpXAq9?@|o>_eW}c
zC(u?-M%QNQImh14#1miR#CSqb0NVO^bo>a%$M(^eLe8;4)Rx_wUafi=KXjNQgT1sR
z#6(?Lc8`3PZ;TDmU3HxLs+Ib>W^<X-Kl(I>2YVBM;7~5Du<Ay^=^uH9FAw!JwOR#L
z$xjvG?4C-s+A_}J2Z!jY5t7yX8Gdo*6w}KNRwl>b&{I4+rZ2xv4m|it9=rJ)&Xk%{
zt?V#T9)f8y$7cV*5A%U)l_z|y{DYsL{v*>%j>ibMz_lwUd3pNZly$kb5uO@-fNYcc
zoS6NXlyi=~kB<y)tq~QNyEV<FwWystGt*oR$@cFaW1qcIZmTWl1UY82n3L@vt(`5N
zoADj83xxAc=UyJ_wSBdQm}3(NZ4Pt#wr!^;0W5tx4>D*)zpb|IIlxe)#OLVm$<|mE
z*Jq9`0>~hJ=49y3<r2UG<R0a#AAf=mcG+^qJJ>b+8D4y3Fs96Bd0(!lDc@FEA0gGj
z##J2&S`(^Oo1IMt4A9g6364GUF&0-=aN2V8wXb8t&dPWQ`J1d-d0*FZ#?xm`g+jTQ
z7#Q!$(v$059~8hT7Jc^`Vvejz6;HI{8%Zzc+*w#L%WP9Ghq=OnS!HVRH|F=Yfz&22
zr!YIi?bLv|!{xlI7|;N7LVZly%(2-$uqRPfN^+I+?{cvaUuBXq#}3MO>deWo`@m5q
zA0J8ym?D?2OmoNYbM(0CU`~~j$YwLgX87O{CMVJY1<Luq^7@tK>VEj~)W{rLVo7?;
z$uRuzQI1axrv?h8Yn=Ss+uV%nkn3cQy*`4CGRJ24p`%QGXqYXjAOg5~PEWnYsRdW{
zQ%yL1$a)BZ!5oRW+B1#r{RT~&GN76&ED#-xj6KWbV=02NdX3-z<u!ggTR=Lhnl)4$
zUh`(gWim&LQ_5$(8JBd5=>)xd#WPlOhnzMj4!39C<kfRiTr6ml682j^eTa)|oenvx
z7||@|bTTsb948*%({xY@%eT3D=K^oNbB?p~Yr%}KcluB-bF_0Mn!ub6MkbDOVyrPx
z%6Cum(y6zZYs=By)d}tz%S(CkWe4ME$ImIoGHMQUvigiS#+(jDC!XWj*xtrKS@=6I
z|LG0hErL~CVQz__DmHR%m6SQz@K<qt%;{kNq31dFNFAW8zQ-FEF0*JkluHX-dhegy
zC}RYb%8BO&%<-xcniF*}XUo3N^UZod0Vv&K>inO%5n>=ArvYQxrp=t7j|sL0f_p8U
zt=H!a?0A1e%cqvFa$r;c%EFedA3AfqxBha9VUA}7Pcf^$jq15d%LF?#LGF^nRow~n
zgOrX-f0UZf9F-Q(!Lc^(kc}NY->GCdNBLIERW8huF9EKDQ<`P!>>2X9J&4*5Er-p>
zIoV(>`bMZD=Onmpo&P1@o1P8E@h8~KCDE$4**Pb=gI8D1NdnEiIxA0>b8KUc1<Xm3
zbDTPIjQMR9bex*AzQDc8In{UY5-{i5r3+kNs{xO-D@@JICa8M%jycu~KlqkVOFPs7
z$`^X#HRb$>Eok4$&Yn*1tS3%SI4myaS#-@@;@=`UC-4I`<9f~^oJ%k}WdAuPu3G-b
zQ~PTNJv&#-tX)gBD$R3iHk$bKX3%#wT6Me^ssEKlf@)<4$Qx_3k(?9mb5w_{Eqawp
zg2ny6m2<otQ+16tTCHO21fbPpXY+E7txa)@IT~}!s?=gmaJLPlTFeQU6MwGMVvc`y
z9a>{8=B)oek@qumY=6dE%rTj>!Aa!(%N)DnI_9@Zi#b#r7uzkCYnuseM*rWL<181k
zt!2lDs>K{>$NA5yXX8^Zeo^%8+Ch6)2X-c_4eAFQdJdusZz1U0gE4w4CJiJ_4;@?u
zlA#y3<q_7?<*1^k$sq);>ryJLk-vVMSHJsHW&R73&x`q`c}k@c7=tSF`bk~PYt5OE
zlMow>8YlE<1Se-QPB3i0id|z8<J`9_+S}XN*3-)?-}$ix@LygOcaE+cnFRm<002ov
JPDHLkV1n|ya*F@}

diff --git a/vault_share/static/description/index.html b/vault_share/static/description/index.html
deleted file mode 100644
index dc79eb489c..0000000000
--- a/vault_share/static/description/index.html
+++ /dev/null
@@ -1,414 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
-<title>Vault - Share</title>
-<style type="text/css">
-
-/*
-:Author: David Goodger (goodger@python.org)
-:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
-:Copyright: This stylesheet has been placed in the public domain.
-
-Default cascading style sheet for the HTML output of Docutils.
-
-See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
-customize this style sheet.
-*/
-
-/* used to remove borders from tables and images */
-.borderless, table.borderless td, table.borderless th {
-  border: 0 }
-
-table.borderless td, table.borderless th {
-  /* Override padding for "table.docutils td" with "! important".
-     The right padding separates the table cells. */
-  padding: 0 0.5em 0 0 ! important }
-
-.first {
-  /* Override more specific margin styles with "! important". */
-  margin-top: 0 ! important }
-
-.last, .with-subtitle {
-  margin-bottom: 0 ! important }
-
-.hidden {
-  display: none }
-
-.subscript {
-  vertical-align: sub;
-  font-size: smaller }
-
-.superscript {
-  vertical-align: super;
-  font-size: smaller }
-
-a.toc-backref {
-  text-decoration: none ;
-  color: black }
-
-blockquote.epigraph {
-  margin: 2em 5em ; }
-
-dl.docutils dd {
-  margin-bottom: 0.5em }
-
-object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
-  overflow: hidden;
-}
-
-/* Uncomment (and remove this text!) to get bold-faced definition list terms
-dl.docutils dt {
-  font-weight: bold }
-*/
-
-div.abstract {
-  margin: 2em 5em }
-
-div.abstract p.topic-title {
-  font-weight: bold ;
-  text-align: center }
-
-div.admonition, div.attention, div.caution, div.danger, div.error,
-div.hint, div.important, div.note, div.tip, div.warning {
-  margin: 2em ;
-  border: medium outset ;
-  padding: 1em }
-
-div.admonition p.admonition-title, div.hint p.admonition-title,
-div.important p.admonition-title, div.note p.admonition-title,
-div.tip p.admonition-title {
-  font-weight: bold ;
-  font-family: sans-serif }
-
-div.attention p.admonition-title, div.caution p.admonition-title,
-div.danger p.admonition-title, div.error p.admonition-title,
-div.warning p.admonition-title, .code .error {
-  color: red ;
-  font-weight: bold ;
-  font-family: sans-serif }
-
-/* Uncomment (and remove this text!) to get reduced vertical space in
-   compound paragraphs.
-div.compound .compound-first, div.compound .compound-middle {
-  margin-bottom: 0.5em }
-
-div.compound .compound-last, div.compound .compound-middle {
-  margin-top: 0.5em }
-*/
-
-div.dedication {
-  margin: 2em 5em ;
-  text-align: center ;
-  font-style: italic }
-
-div.dedication p.topic-title {
-  font-weight: bold ;
-  font-style: normal }
-
-div.figure {
-  margin-left: 2em ;
-  margin-right: 2em }
-
-div.footer, div.header {
-  clear: both;
-  font-size: smaller }
-
-div.line-block {
-  display: block ;
-  margin-top: 1em ;
-  margin-bottom: 1em }
-
-div.line-block div.line-block {
-  margin-top: 0 ;
-  margin-bottom: 0 ;
-  margin-left: 1.5em }
-
-div.sidebar {
-  margin: 0 0 0.5em 1em ;
-  border: medium outset ;
-  padding: 1em ;
-  background-color: #ffffee ;
-  width: 40% ;
-  float: right ;
-  clear: right }
-
-div.sidebar p.rubric {
-  font-family: sans-serif ;
-  font-size: medium }
-
-div.system-messages {
-  margin: 5em }
-
-div.system-messages h1 {
-  color: red }
-
-div.system-message {
-  border: medium outset ;
-  padding: 1em }
-
-div.system-message p.system-message-title {
-  color: red ;
-  font-weight: bold }
-
-div.topic {
-  margin: 2em }
-
-h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
-h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
-  margin-top: 0.4em }
-
-h1.title {
-  text-align: center }
-
-h2.subtitle {
-  text-align: center }
-
-hr.docutils {
-  width: 75% }
-
-img.align-left, .figure.align-left, object.align-left, table.align-left {
-  clear: left ;
-  float: left ;
-  margin-right: 1em }
-
-img.align-right, .figure.align-right, object.align-right, table.align-right {
-  clear: right ;
-  float: right ;
-  margin-left: 1em }
-
-img.align-center, .figure.align-center, object.align-center {
-  display: block;
-  margin-left: auto;
-  margin-right: auto;
-}
-
-table.align-center {
-  margin-left: auto;
-  margin-right: auto;
-}
-
-.align-left {
-  text-align: left }
-
-.align-center {
-  clear: both ;
-  text-align: center }
-
-.align-right {
-  text-align: right }
-
-/* reset inner alignment in figures */
-div.align-right {
-  text-align: inherit }
-
-/* div.align-center * { */
-/*   text-align: left } */
-
-.align-top    {
-  vertical-align: top }
-
-.align-middle {
-  vertical-align: middle }
-
-.align-bottom {
-  vertical-align: bottom }
-
-ol.simple, ul.simple {
-  margin-bottom: 1em }
-
-ol.arabic {
-  list-style: decimal }
-
-ol.loweralpha {
-  list-style: lower-alpha }
-
-ol.upperalpha {
-  list-style: upper-alpha }
-
-ol.lowerroman {
-  list-style: lower-roman }
-
-ol.upperroman {
-  list-style: upper-roman }
-
-p.attribution {
-  text-align: right ;
-  margin-left: 50% }
-
-p.caption {
-  font-style: italic }
-
-p.credits {
-  font-style: italic ;
-  font-size: smaller }
-
-p.label {
-  white-space: nowrap }
-
-p.rubric {
-  font-weight: bold ;
-  font-size: larger ;
-  color: maroon ;
-  text-align: center }
-
-p.sidebar-title {
-  font-family: sans-serif ;
-  font-weight: bold ;
-  font-size: larger }
-
-p.sidebar-subtitle {
-  font-family: sans-serif ;
-  font-weight: bold }
-
-p.topic-title {
-  font-weight: bold }
-
-pre.address {
-  margin-bottom: 0 ;
-  margin-top: 0 ;
-  font: inherit }
-
-pre.literal-block, pre.doctest-block, pre.math, pre.code {
-  margin-left: 2em ;
-  margin-right: 2em }
-
-pre.code .ln { color: grey; } /* line numbers */
-pre.code, code { background-color: #eeeeee }
-pre.code .comment, code .comment { color: #5C6576 }
-pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
-pre.code .literal.string, code .literal.string { color: #0C5404 }
-pre.code .name.builtin, code .name.builtin { color: #352B84 }
-pre.code .deleted, code .deleted { background-color: #DEB0A1}
-pre.code .inserted, code .inserted { background-color: #A3D289}
-
-span.classifier {
-  font-family: sans-serif ;
-  font-style: oblique }
-
-span.classifier-delimiter {
-  font-family: sans-serif ;
-  font-weight: bold }
-
-span.interpreted {
-  font-family: sans-serif }
-
-span.option {
-  white-space: nowrap }
-
-span.pre {
-  white-space: pre }
-
-span.problematic {
-  color: red }
-
-span.section-subtitle {
-  /* font-size relative to parent (h1..h6 element) */
-  font-size: 80% }
-
-table.citation {
-  border-left: solid 1px gray;
-  margin-left: 1px }
-
-table.docinfo {
-  margin: 2em 4em }
-
-table.docutils {
-  margin-top: 0.5em ;
-  margin-bottom: 0.5em }
-
-table.footnote {
-  border-left: solid 1px black;
-  margin-left: 1px }
-
-table.docutils td, table.docutils th,
-table.docinfo td, table.docinfo th {
-  padding-left: 0.5em ;
-  padding-right: 0.5em ;
-  vertical-align: top }
-
-table.docutils th.field-name, table.docinfo th.docinfo-name {
-  font-weight: bold ;
-  text-align: left ;
-  white-space: nowrap ;
-  padding-left: 0 }
-
-/* "booktabs" style (no vertical lines) */
-table.docutils.booktabs {
-  border: 0px;
-  border-top: 2px solid;
-  border-bottom: 2px solid;
-  border-collapse: collapse;
-}
-table.docutils.booktabs * {
-  border: 0px;
-}
-table.docutils.booktabs th {
-  border-bottom: thin solid;
-  text-align: left;
-}
-
-h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
-h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
-  font-size: 100% }
-
-ul.auto-toc {
-  list-style-type: none }
-
-</style>
-</head>
-<body>
-<div class="document" id="vault-share">
-<h1 class="title">Vault - Share</h1>
-
-<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! This file is generated by oca-gen-addon-readme !!
-!! changes will be overwritten.                   !!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:862181a2970df8e6c6143d187b9f24e63434f9c444c014c899076101d749be59
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/15.0/vault_share"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-vault_share"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
-<p>This module implements possibilities to share specific secrets with external users. This bases on the vault implementation and the generated RSA key pair.</p>
-<div class="section" id="share">
-<h1>Share</h1>
-<p>This allows an user to share a secret with external users. A share can be generated from a vault entry or directly created by an user. The secret is symmetrically encrypted by a key derived from a pin. To grant access the user has to transmit the link and pin with the external. If either the access counter reaches 0 or the share expires it will be deleted automatically. Due to the usage of a numeric pin and the browser side decryption a share is vulnerable to brute-force attacks and shouldn’t be used as a permanent storage for secrets. For long time uses the user should create an account and a vault should be used.</p>
-<p><strong>Table of contents</strong></p>
-</div>
-<div class="section" id="bug-tracker">
-<h1>Bug Tracker</h1>
-<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
-In case of trouble, please check there if your issue has already been reported.
-If you spotted it first, help us to smash it by providing a detailed and welcomed
-<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20vault_share%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
-<p>Do not contact contributors directly about support or help with technical issues.</p>
-</div>
-<div class="section" id="credits">
-<h1>Credits</h1>
-<div class="section" id="authors">
-<h2>Authors</h2>
-<ul class="simple">
-<li>initOS GmbH</li>
-</ul>
-</div>
-<div class="section" id="contributors">
-<h2>Contributors</h2>
-<ul class="simple">
-<li>Florian Kantelberg &lt;<a class="reference external" href="mailto:florian.kantelberg&#64;initos.com">florian.kantelberg&#64;initos.com</a>&gt;</li>
-</ul>
-</div>
-<div class="section" id="maintainers">
-<h2>Maintainers</h2>
-<p>This module is maintained by the OCA.</p>
-<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
-<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
-mission is to support the collaborative development of Odoo features and
-promote its widespread use.</p>
-<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/vault_share">OCA/server-auth</a> project on GitHub.</p>
-<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
-</div>
-</div>
-</div>
-</body>
-</html>
diff --git a/vault_share/static/src/backend/templates.xml b/vault_share/static/src/backend/templates.xml
deleted file mode 100644
index f8a2c9b9c9..0000000000
--- a/vault_share/static/src/backend/templates.xml
+++ /dev/null
@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<templates id="template" xml:space="preserve">
-    <t t-name="FieldVaultShare">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <input class="o_vault_share" t-elif="widget.mode == 'edit'" t-esc="value" />
-        <div class="o_vault" t-else="">
-            <t t-call="vault.buttons" />
-            <button
-                class="btn fa fa-save o_vault_save"
-                title="Save in a vault"
-                aria-label="Save in a vault"
-            />
-
-            <span class="o_vault_share" t-esc="value" />
-        </div>
-    </t>
-
-    <t t-name="FileVaultShare">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <t t-elif="widget.mode == 'edit'" t-call="FieldBinaryFile" />
-        <div class="o_vault" t-else="">
-            <button
-                class="btn fa fa-save o_vault_save"
-                title="Save in a vault"
-                aria-label="Save in a vault"
-            />
-
-            <span class="link"><span class="fa fa-download" /> <t
-                    t-esc="filename"
-                /></span>
-        </div>
-    </t>
-
-    <t t-name="FieldPinVault">
-        <div class="o_vault o_vault_error" t-if="!widget.supported()">
-            <span>*******</span>
-        </div>
-        <div class="o_vault" t-else="">
-            <t t-call="vault.buttons" />
-            <span class="o_vault_value" t-esc="value" />
-        </div>
-    </t>
-
-    <t t-extend="FieldVault">
-        <t t-jquery="span.o_vault_value" t-operation="before">
-            <button
-                class="btn fa fa-external-link o_vault_share"
-                title="Share the secret with an external user"
-                aria-label="Share the secret with an external user"
-            />
-        </t>
-    </t>
-</templates>
diff --git a/vault_share/static/src/backend/vault_share.scss b/vault_share/static/src/backend/vault_share.scss
deleted file mode 100644
index 09e4e6b160..0000000000
--- a/vault_share/static/src/backend/vault_share.scss
+++ /dev/null
@@ -1,3 +0,0 @@
-.o_vault_share {
-    white-space: pre-wrap;
-}
diff --git a/vault_share/static/src/common/utils.esm.js b/vault_share/static/src/common/utils.esm.js
deleted file mode 100644
index 790858a529..0000000000
--- a/vault_share/static/src/common/utils.esm.js
+++ /dev/null
@@ -1,16 +0,0 @@
-/** @odoo-module alias=vault.share.utils **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-const PinSize = 5;
-
-import utils from "vault.utils";
-
-function generate_pin(pin_size) {
-    return utils.generate_secret(pin_size, "0123456789");
-}
-
-export default {
-    PinSize: PinSize,
-    generate_pin: generate_pin,
-};
diff --git a/vault_share/static/src/frontend/share.esm.js b/vault_share/static/src/frontend/share.esm.js
deleted file mode 100644
index af9b28d0b3..0000000000
--- a/vault_share/static/src/frontend/share.esm.js
+++ /dev/null
@@ -1,56 +0,0 @@
-/** @odoo-module **/
-// © 2021-2022 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import utils from "vault.utils";
-
-const data = {};
-
-// Find the elements in the document and check if they have values
-function find_elements() {
-    for (const id of ["encrypted", "salt", "iv", "encrypted_file", "filename"])
-        if (!data[id]) {
-            const element = document.getElementById(id);
-            data[id] = element && element.value;
-        }
-}
-
-document.getElementById("pin").onchange = async function () {
-    if (!utils.supported()) return;
-
-    find_elements();
-
-    // Derive the key from the pin
-    const key = await utils.derive_key(this.value, utils.fromBase64(data.salt), 4000);
-
-    const secret = document.getElementById("secret");
-    const secret_file = document.getElementById("secret_file");
-    if (!secret && !secret_file) return;
-
-    // There is no secret to decrypt
-    if (!this.value) {
-        secret.setAttribute("class", "alert alert-danger col-12");
-        secret_file.setAttribute("class", "alert alert-danger col-12");
-        return;
-    }
-
-    // Decrypt the data and show the value
-    if (data.encrypted) {
-        secret.value = await utils.sym_decrypt(key, data.encrypted, data.iv);
-        secret.setAttribute("class", "alert alert-success col-12");
-    }
-
-    if (data.encrypted_file) {
-        const content = atob(
-            await utils.sym_decrypt(key, data.encrypted_file, data.iv)
-        );
-        const buffer = new ArrayBuffer(content.length);
-        const arr = new Uint8Array(buffer);
-        for (let i = 0; i < content.length; i++) arr[i] = content.charCodeAt(i);
-        const file = new Blob([arr]);
-        secret_file.text = data.filename;
-        secret_file.setAttribute("href", window.URL.createObjectURL(file));
-        secret_file.setAttribute("class", "alert alert-success col-12");
-        secret_file.setAttribute("download", data.filename);
-    }
-};
diff --git a/vault_share/static/src/legacy/vault_fields.js b/vault_share/static/src/legacy/vault_fields.js
deleted file mode 100644
index 23c8071051..0000000000
--- a/vault_share/static/src/legacy/vault_fields.js
+++ /dev/null
@@ -1,55 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.share.fields", function (require) {
-    "use strict";
-
-    const core = require("web.core");
-    const sh_utils = require("vault.share.utils");
-    const utils = require("vault.utils");
-    const vault = require("vault");
-    const vault_fields = require("vault.fields");
-
-    const _t = core._t;
-
-    // Extend the widget to share
-    vault_fields.VaultField.include({
-        events: _.extend(vault_fields.VaultField.prototype.events, {
-            "click .o_vault_share": "_onShareValue",
-        }),
-
-        /**
-         * Share the value for an external user
-         *
-         * @private
-         * @param {OdooEvent} ev
-         */
-        _onShareValue: async function (ev) {
-            ev.stopPropagation();
-
-            const iv = await utils.generate_iv_base64();
-            const pin = sh_utils.generate_pin(sh_utils.PinSize);
-            const salt = utils.generate_bytes(utils.SaltLength).buffer;
-            const key = await utils.derive_key(pin, salt, 4000);
-            const public_key = await vault.get_public_key();
-            const value = await this._decrypt(this.value);
-
-            this.do_action({
-                type: "ir.actions.act_window",
-                title: _t("Share the secret"),
-                target: "new",
-                res_model: "vault.share",
-                views: [[false, "form"]],
-                context: {
-                    default_secret: await utils.sym_encrypt(key, value, iv),
-                    default_pin: await utils.asym_encrypt(
-                        public_key,
-                        pin + utils.generate_iv_base64()
-                    ),
-                    default_iv: iv,
-                    default_salt: utils.toBase64(salt),
-                },
-            });
-        },
-    });
-});
diff --git a/vault_share/static/src/legacy/vault_share_widget.js b/vault_share/static/src/legacy/vault_share_widget.js
deleted file mode 100644
index a985fc06d6..0000000000
--- a/vault_share/static/src/legacy/vault_share_widget.js
+++ /dev/null
@@ -1,367 +0,0 @@
-// © 2021 Florian Kantelberg - initOS GmbH
-// License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-odoo.define("vault.share.widget", function (require) {
-    "use strict";
-
-    const basic_fields = require("web.basic_fields");
-    const core = require("web.core");
-    const registry = require("web.field_registry");
-    const sh_utils = require("vault.share.utils");
-    const utils = require("vault.utils");
-    const vault = require("vault");
-    const vault_fields = require("vault.fields");
-
-    const QWeb = core.qweb;
-
-    // Widget used to view the encrypted pin
-    const VaultPinField = basic_fields.InputField.extend(vault_fields.VaultAbstract, {
-        supportedFieldTypes: ["char"],
-        events: _.extend({}, basic_fields.InputField.prototype.events, {
-            "click .o_vault_show": "_onShowValue",
-            "click .o_vault_clipboard": "_onCopyValue",
-        }),
-        template: "FieldPinVault",
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
-        },
-
-        /**
-         * Decrypt the value using the private key of the vault and slice it to
-         * the actual pin size because there is a salt following
-         *
-         * @private
-         * @param {String} data
-         * @returns the decrypted data
-         */
-        _decrypt: async function (data) {
-            if (!data) return data;
-
-            const private_key = await vault.get_private_key();
-            const plain = await utils.asym_decrypt(private_key, data);
-            return plain.slice(0, this.pin_size);
-        },
-
-        /**
-         * Render the decrypted value or the stars
-         *
-         * @private
-         */
-        _renderReadonly: function () {
-            this._renderValue(this.decrypted_value || "********");
-        },
-
-        /**
-         * Render the decrypted value or the stars
-         *
-         * @private
-         */
-        _renderEdit: function () {
-            this._renderValue(this.decrypted_value || "********");
-        },
-
-        /**
-         * Render the field using the template
-         *
-         * @private
-         * @param {String} value
-         */
-        _renderValue: function (value) {
-            const self = this;
-            this.$el.html(
-                QWeb.render(this.template, {
-                    widget: self,
-                    value: value,
-                    show: !this.decrypted,
-                })
-            );
-        },
-    });
-
-    // Widget used to create shared outgoing secrets encrypted with a pin
-    const VaultShareField = vault_fields.VaultField.extend({
-        events: _.extend({}, vault_fields.VaultField.prototype.events, {
-            "click .o_vault_save": "_onSaveValue",
-        }),
-        template: "FieldVaultShare",
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
-            this.field_salt = this.attrs.salt || "salt";
-            this.field_pin = this.attrs.pin || "pin";
-        },
-
-        /**
-         * Encrypt the pin with a random salt to make it hard to guess him by
-         * encrypting every possilbilty with the public key. Store the pin in the
-         * proper field
-         *
-         * @private
-         */
-        _storePin: async function () {
-            const salt = utils.generate_iv_base64();
-            const crypted_pin = await utils.asym_encrypt(
-                await vault.get_public_key(),
-                this.pin + salt
-            );
-            this._setFieldValue(this.field_pin, crypted_pin);
-        },
-
-        /**
-         * Returns the pin from the class, record data, or generate a new pin if
-         * none s currently available
-         *
-         * @private
-         * @returns the pin
-         */
-        _getPin: async function () {
-            if (this.pin) return this.pin;
-
-            this.pin = this.recordData[this.field_pin];
-            if (this.pin) {
-                // Decrypt the pin and slice him to the configured pin size
-                const private_key = await vault.get_private_key();
-                const plain = await utils.asym_decrypt(private_key, this.pin);
-                this.pin = plain.slice(0, this.pin_size);
-                return this.pin;
-            }
-
-            // Generate a new pin and store it
-            this.pin = sh_utils.generate_pin(this.pin_size);
-            await this._storePin();
-            return this.pin;
-        },
-
-        /**
-         * Returns the salt from the class, record data, or generate a new salt if
-         * none is currently available
-         *
-         * @private
-         * @returns the salt
-         */
-        _getSalt: function () {
-            if (this.salt) return this.salt;
-
-            this.salt = this.recordData[this.field_salt];
-            if (this.salt) return this.salt;
-
-            // Generate a new salt and store him
-            this.salt = utils.toBase64(utils.generate_bytes(utils.SaltLength).buffer);
-            this._setFieldValue(this.field_salt, this.salt);
-            return this.salt;
-        },
-
-        /**
-         * Decrypt the encrypted data using the pin, IV and salt
-         *
-         * @private
-         * @param {String} crypted
-         */
-        _decrypt: async function (crypted) {
-            if (crypted === false) return false;
-
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const pin = await this._getPin();
-            const salt = utils.fromBase64(this._getSalt());
-
-            const key = await utils.derive_key(pin, salt, 4000);
-            return await utils.sym_decrypt(key, crypted, iv);
-        },
-
-        /**
-         * Encrypt the data using the pin, IV and salt
-         *
-         * @private
-         * @param {String} data
-         */
-        _encrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const pin = await this._getPin();
-            const salt = utils.fromBase64(this._getSalt());
-
-            const key = await utils.derive_key(pin, salt, 4000);
-            return await utils.sym_encrypt(key, data, iv);
-        },
-
-        /**
-         * Resets the content to the formated value in readonly mode.
-         *
-         * @override
-         * @private
-         */
-        _renderReadonly: function () {
-            const self = this;
-            this.$el.html(
-                QWeb.render(this.template, {
-                    widget: self,
-                    value: this.decrypted_value || "********",
-                    show: !this.decrypted,
-                })
-            );
-        },
-
-        /**
-         * @override
-         * @returns {String} the content of the input
-         */
-        _getValue: function () {
-            return this.$input.val();
-        },
-    });
-
-    // Widget used to view shared incoming secrets encrypted with public keys
-    const VaultShareFile = vault_fields.VaultFile.extend({
-        store_model: "vault.file",
-        template: "FileVaultShare",
-        events: _.extend({}, vault_fields.VaultFile.prototype.events, {
-            "click .o_vault_save": "_onSaveValue",
-        }),
-
-        /**
-         * Prepare the widget by evaluating the field attributes and setting the defaults
-         *
-         * @override
-         */
-        init: function () {
-            this._super.apply(this, arguments);
-
-            this.field_key = this.attrs.key || "key";
-            this.pin_size = this.attrs.pin_size || sh_utils.PinSize;
-            this.field_salt = this.attrs.salt || "salt";
-            this.field_pin = this.attrs.pin || "pin";
-        },
-
-        /**
-         * Encrypt the pin with a random salt to make it hard to guess him by
-         * encrypting every possilbilty with the public key. Store the pin in the
-         * proper field
-         *
-         * @private
-         */
-        _storePin: async function () {
-            const salt = utils.generate_iv_base64();
-            const crypted_pin = await utils.asym_encrypt(
-                await vault.get_public_key(),
-                this.pin + salt
-            );
-            this._setFieldValue(this.field_pin, crypted_pin);
-        },
-
-        /**
-         * Returns the pin from the class, record data, or generate a new pin if
-         * none s currently available
-         *
-         * @private
-         * @returns the pin
-         */
-        _getPin: async function () {
-            if (this.pin) return this.pin;
-
-            this.pin = this.recordData[this.field_pin];
-            if (this.pin) {
-                // Decrypt the pin and slice him to the configured pin size
-                const private_key = await vault.get_private_key();
-                const plain = await utils.asym_decrypt(private_key, this.pin);
-                this.pin = plain.slice(0, this.pin_size);
-                return this.pin;
-            }
-
-            // Generate a new pin and store it
-            this.pin = sh_utils.generate_pin(this.pin_size);
-            await this._storePin();
-            return this.pin;
-        },
-
-        /**
-         * Returns the salt from the class, record data, or generate a new salt if
-         * none is currently available
-         *
-         * @private
-         * @returns the salt
-         */
-        _getSalt: function () {
-            if (this.salt) return this.salt;
-
-            this.salt = this.recordData[this.field_salt];
-            if (this.salt) return this.salt;
-
-            // Generate a new salt and store him
-            this.salt = utils.toBase64(utils.generate_bytes(utils.SaltLength).buffer);
-            this._setFieldValue(this.field_salt, this.salt);
-            return this.salt;
-        },
-
-        _renderReadonly: function () {
-            this.do_toggle(Boolean(this.value));
-            if (this.value) {
-                this.$el.html(
-                    QWeb.render(this.template, {
-                        widget: this,
-                        filename: this.filename_value,
-                    })
-                );
-
-                const $el = this.$(".link");
-                if (this.recordData.id) $el.css("cursor", "pointer");
-                else $el.css("cursor", "not-allowed");
-            }
-        },
-
-        /**
-         * Decrypt the encrypted data using the pin, IV and salt
-         *
-         * @private
-         * @param {String} crypted
-         */
-        _decrypt: async function (crypted) {
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const pin = await this._getPin();
-            const salt = utils.fromBase64(this._getSalt());
-
-            const key = await utils.derive_key(pin, salt, 4000);
-            return await utils.sym_decrypt(key, crypted, iv);
-        },
-
-        /**
-         * Encrypt the data using the pin, IV and salt
-         *
-         * @private
-         * @param {String} data
-         */
-        _encrypt: async function (data) {
-            if (!utils.supported()) return null;
-
-            const iv = this._getIV();
-            const pin = await this._getPin();
-            const salt = utils.fromBase64(this._getSalt());
-
-            const key = await utils.derive_key(pin, salt, 4000);
-            return await utils.sym_encrypt(key, data, iv);
-        },
-    });
-
-    registry.add("vault_pin", VaultPinField);
-    registry.add("vault_share", VaultShareField);
-    registry.add("vault_share_file", VaultShareFile);
-});
diff --git a/vault_share/tests/__init__.py b/vault_share/tests/__init__.py
deleted file mode 100644
index a2758c5219..0000000000
--- a/vault_share/tests/__init__.py
+++ /dev/null
@@ -1,4 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-from . import test_share
diff --git a/vault_share/tests/test_share.py b/vault_share/tests/test_share.py
deleted file mode 100644
index 1627b660ed..0000000000
--- a/vault_share/tests/test_share.py
+++ /dev/null
@@ -1,73 +0,0 @@
-# © 2021 Florian Kantelberg - initOS GmbH
-# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
-
-import logging
-from datetime import datetime
-from uuid import uuid4
-
-from odoo.tests import TransactionCase
-from odoo.tools import mute_logger
-
-from odoo.addons.website.tools import MockRequest
-
-from ..controllers import main
-
-_logger = logging.getLogger(__name__)
-
-
-class TestShare(TransactionCase):
-    def setUp(self):
-        super().setUp()
-
-        self.user = self.env.user
-        self.vals = {
-            "name": f"Share {self.user.name}",
-            "secret": "secret",
-            "salt": "sa17",
-            "iv": "1v",
-            "pin": "12345",
-        }
-
-        self.share = self.env["vault.share"].create(self.vals)
-
-    @mute_logger("odoo.sql_db")
-    def test_share(self):
-        self.assertEqual(self.share, self.share.get(self.share.token))
-        self.assertIn(self.share.token, self.share.share_link)
-
-        # Nothing should happen
-        self.share.clean()
-        self.assertEqual(self.share, self.share.get(self.share.token))
-
-        # Deletion because of accesses
-        share = self.share.create(self.vals)
-        share.accesses = 0
-        self.assertEqual(None, share.get(share.token))
-
-        # Deletion because of expiration
-        share = self.share.create(self.vals)
-        share.expiration = datetime(1970, 1, 1)
-        self.assertEqual(None, share.get(share.token))
-
-        # Search for invalid token
-        self.assertEqual(share.browse(), share.get(uuid4()))
-
-    @mute_logger("odoo.sql_db")
-    def test_vault_share(self):
-        def return_context(template, context):
-            self.assertEqual(template, "vault_share.share")
-            return context
-
-        with MockRequest(self.env) as request_mock:
-            request_mock.render = return_context
-            controller = main.Controller()
-
-            response = controller.vault_share("")
-            self.assertIn("error", response)
-
-            response = controller.vault_share(self.share.token)
-            self.assertEqual(response["salt"], self.share.salt)
-
-            self.share.accesses = 0
-            response = controller.vault_share(self.share.token)
-            self.assertIn("error", response)
diff --git a/vault_share/views/menuitems.xml b/vault_share/views/menuitems.xml
deleted file mode 100644
index 639332a0fc..0000000000
--- a/vault_share/views/menuitems.xml
+++ /dev/null
@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <record id="action_vault_share" model="ir.actions.act_window">
-        <field name="name">Shares</field>
-        <field name="res_model">vault.share</field>
-        <field name="view_mode">tree,form</field>
-    </record>
-
-    <menuitem
-        id="menu_vault_share"
-        groups="base.group_user"
-        parent="vault.menu_vault"
-        action="action_vault_share"
-        sequence="45"
-    />
-</odoo>
diff --git a/vault_share/views/res_config_settings_views.xml b/vault_share/views/res_config_settings_views.xml
deleted file mode 100644
index 971759c497..0000000000
--- a/vault_share/views/res_config_settings_views.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <record id="res_config_settings_view_form" model="ir.ui.view">
-        <field name="name">res.config.settings.view.form</field>
-        <field name="model">res.config.settings</field>
-        <field name="inherit_id" ref="vault.res_config_settings_view_form" />
-        <field name="arch" type="xml">
-            <div id="vault_share" position="after">
-                <div class="col-xs-12 col-md-6 o_setting_box" id="vault_share">
-                    <div class="o_setting_right_pane">
-                        <div class="o_form_label">Delay the deletion of shares</div>
-                        <field name="vault_share_delay" /> Days
-                    </div>
-                </div>
-            </div>
-        </field>
-    </record>
-</odoo>
diff --git a/vault_share/views/templates.xml b/vault_share/views/templates.xml
deleted file mode 100644
index 7649731e52..0000000000
--- a/vault_share/views/templates.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <template id="share">
-        <t t-call="web.login_layout">
-            <t
-                t-call-assets="vault_share.assets_frontend"
-                t-css="false"
-                defer_load="True"
-            />
-
-            <input type="hidden" id="encrypted" t-att-value="encrypted" />
-            <input type="hidden" id="encrypted_file" t-att-value="encrypted_file" />
-            <input type="hidden" id="filename" t-att-value="filename" />
-            <input type="hidden" id="salt" t-att-value="salt" />
-            <input type="hidden" id="iv" t-att-value="iv" />
-
-            <div class="form-group">
-                <label for="pin">Enter the pin:</label>
-                <input type="text" id="pin" class="form-control" />
-            </div>
-
-            <p class="alert alert-danger" t-if="error" role="alert" t-esc="error" />
-            <p
-                class="alert alert-success"
-                t-if="message"
-                role="status"
-                t-esc="message"
-            />
-
-            <div class="form-group" t-if="encrypted">
-                <label for="secret">Shared secret:</label>
-                <input
-                    type="text"
-                    id="secret"
-                    readonly="readonly"
-                    class="alert alert-danger col-12"
-                />
-            </div>
-
-            <div class="form-group" t-if="encrypted_file">
-                <label for="secret">Shared file:</label><vr /><a
-                    href=""
-                    id="secret_file"
-                />
-            </div>
-        </t>
-    </template>
-</odoo>
diff --git a/vault_share/views/vault_share_views.xml b/vault_share/views/vault_share_views.xml
deleted file mode 100644
index da61c5ec4c..0000000000
--- a/vault_share/views/vault_share_views.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-    <record id="view_vault_share_tree" model="ir.ui.view">
-        <field name="model">vault.share</field>
-        <field name="arch" type="xml">
-            <tree>
-                <field name="name" />
-                <field name="share_link" widget="url" />
-            </tree>
-        </field>
-    </record>
-
-    <record id="view_vault_share_form" model="ir.ui.view">
-        <field name="model">vault.share</field>
-        <field name="arch" type="xml">
-            <form>
-                <sheet>
-                    <group>
-                        <field name="token" invisible="1" />
-                        <field name="iv" invisible="1" />
-                        <field name="salt" invisible="1" />
-                        <field name="filename" invisible="1" />
-
-                        <field name="name" />
-                        <field name="share_link" widget="url" class="oe_read_only" />
-                        <field name="pin" widget="vault_pin" />
-                        <field name="expiration" />
-                        <field name="accesses" />
-                        <field name="secret" widget="vault_share" />
-                        <field
-                            name="secret_file"
-                            filename="filename"
-                            widget="vault_share_file"
-                        />
-                    </group>
-
-                    <label for="log_ids" />
-                    <field name="log_ids" options="{'no_open': True}">
-                        <tree>
-                            <field name="name" />
-                            <field name="create_date" />
-                        </tree>
-                    </field>
-                </sheet>
-            </form>
-        </field>
-    </record>
-</odoo>

From 38aa148814728a04c155ab9b1a036518e7ee1fce Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Wed, 14 Feb 2024 21:50:24 +0100
Subject: [PATCH 66/71] [FIX] vault: Exception when clicking away the first
 password dialog and reading an entry

---
 vault/static/src/backend/vault.esm.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/static/src/backend/vault.esm.js b/vault/static/src/backend/vault.esm.js
index cf5cfd29d0..b69d266609 100644
--- a/vault/static/src/backend/vault.esm.js
+++ b/vault/static/src/backend/vault.esm.js
@@ -137,7 +137,7 @@ class Vault {
 
         // Check if the keys expired
         const now = new Date();
-        if (!this.time || now - this.time <= Expiration) return;
+        if (this.time && now - this.time <= Expiration) return;
 
         // Keys expired means that we have to get them again
         this.keys = this.time = null;

From 6259a60a736b7e10d664ea5a3918b7db746d5a69 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Sat, 17 Feb 2024 18:03:15 +0100
Subject: [PATCH 67/71] [FIX] vault: Check against the key of vault.right

---
 vault/static/src/backend/controller.esm.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/static/src/backend/controller.esm.js b/vault/static/src/backend/controller.esm.js
index 3310fd0d2b..ca519b5b35 100644
--- a/vault/static/src/backend/controller.esm.js
+++ b/vault/static/src/backend/controller.esm.js
@@ -250,7 +250,7 @@ patch(FormController.prototype, "vault", {
      * @param {Object} right
      */
     async _vaultEnsureRightKey(root, right) {
-        if (!root.data.master_key || right.data.master_key) return;
+        if (!root.data.master_key || right.data.key) return;
 
         const params = {user_id: right.data.user_id[0]};
         const user = await this.rpc("/vault/public", params);

From 9f4cda0712707304785084e8aee796b4bc9aa353 Mon Sep 17 00:00:00 2001
From: fkantelberg <florian.kantelberg@initos.com>
Date: Mon, 19 Feb 2024 19:11:14 +0100
Subject: [PATCH 68/71] [IMP] vault: Improve handling if no secure browser
 context is provided. Improve readme documentation about this requirement

---
 vault/README.rst                           |  8 +++----
 vault/readme/DESCRIPTION.rst               |  2 +-
 vault/readme/ROADMAP.rst                   |  4 ++--
 vault/static/description/index.html        |  7 +++---
 vault/static/src/backend/controller.esm.js | 26 +++++++++++++++++++++-
 5 files changed, 36 insertions(+), 11 deletions(-)

diff --git a/vault/README.rst b/vault/README.rst
index 1b127f4d65..e58d1e5c71 100644
--- a/vault/README.rst
+++ b/vault/README.rst
@@ -7,7 +7,7 @@ Vault
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:9bc765eb2b8c6fb6a4912b97a282f3c40996011386f83779dccfad8c2672bfe6
+   !! source digest: sha256:12d8822aab453f4a6f00d8151ec6cdef4c66ec07c08d88e6528c85f3526d0818
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
@@ -32,7 +32,7 @@ This module implements a vault for secrets and files using end-to-end-encryption
 
 The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
 
-This modules requires a secure context for the browser to work properly.
+This modules requires a secure context for the browser to work properly and therefore HTTPS support is required.
 
 The `vault-recovery <https://github.com/fkantelberg/vault-recovery>`_ project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.
 
@@ -46,8 +46,6 @@ Known issues / Roadmap
 
 * Field and file history for restoration
 
-* Send secrets directly to an inbox within Odoo
-
 * Import improvement
 
  * Support challenge-response/FIDO2
@@ -59,6 +57,8 @@ Known issues / Roadmap
 
   If you want to move entries between vaults you can use the export -> import option.
 
+* HTTPS or localhost (secure browser context) is required for the client side encryption
+
 Bug Tracker
 ===========
 
diff --git a/vault/readme/DESCRIPTION.rst b/vault/readme/DESCRIPTION.rst
index 8d77993dc9..50cf3c7679 100644
--- a/vault/readme/DESCRIPTION.rst
+++ b/vault/readme/DESCRIPTION.rst
@@ -2,6 +2,6 @@ This module implements a vault for secrets and files using end-to-end-encryption
 
 The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.
 
-This modules requires a secure context for the browser to work properly.
+This modules requires a secure context for the browser to work properly and therefore HTTPS support is required.
 
 The `vault-recovery <https://github.com/fkantelberg/vault-recovery>`_ project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.
diff --git a/vault/readme/ROADMAP.rst b/vault/readme/ROADMAP.rst
index 738bcd6446..ccaf5abc1d 100644
--- a/vault/readme/ROADMAP.rst
+++ b/vault/readme/ROADMAP.rst
@@ -1,7 +1,5 @@
 * Field and file history for restoration
 
-* Send secrets directly to an inbox within Odoo
-
 * Import improvement
 
  * Support challenge-response/FIDO2
@@ -12,3 +10,5 @@
   is defined.
 
   If you want to move entries between vaults you can use the export -> import option.
+
+* HTTPS or localhost (secure browser context) is required for the client side encryption
diff --git a/vault/static/description/index.html b/vault/static/description/index.html
index 6fcc35e1b3..99cd2f80d1 100644
--- a/vault/static/description/index.html
+++ b/vault/static/description/index.html
@@ -367,12 +367,12 @@ <h1 class="title">Vault</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:9bc765eb2b8c6fb6a4912b97a282f3c40996011386f83779dccfad8c2672bfe6
+!! source digest: sha256:12d8822aab453f4a6f00d8151ec6cdef4c66ec07c08d88e6528c85f3526d0818
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
 <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/16.0/vault"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-vault"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.</p>
 <p>The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn’t encrypted to be able to search/filter for entries more easily.</p>
-<p>This modules requires a secure context for the browser to work properly.</p>
+<p>This modules requires a secure context for the browser to work properly and therefore HTTPS support is required.</p>
 <p>The <a class="reference external" href="https://github.com/fkantelberg/vault-recovery">vault-recovery</a> project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.</p>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
@@ -391,7 +391,6 @@ <h1 class="title">Vault</h1>
 <h1><a class="toc-backref" href="#toc-entry-1">Known issues / Roadmap</a></h1>
 <ul class="simple">
 <li>Field and file history for restoration</li>
-<li>Send secrets directly to an inbox within Odoo</li>
 <li>Import improvement</li>
 </ul>
 <blockquote>
@@ -406,6 +405,8 @@ <h1><a class="toc-backref" href="#toc-entry-1">Known issues / Roadmap</a></h1>
 is defined.</p>
 <p>If you want to move entries between vaults you can use the export -&gt; import option.</p>
 </li>
+<li><p class="first">HTTPS or localhost (secure browser context) is required for the client side encryption</p>
+</li>
 </ul>
 </div>
 <div class="section" id="bug-tracker">
diff --git a/vault/static/src/backend/controller.esm.js b/vault/static/src/backend/controller.esm.js
index ca519b5b35..d3f4b6c42e 100644
--- a/vault/static/src/backend/controller.esm.js
+++ b/vault/static/src/backend/controller.esm.js
@@ -2,9 +2,11 @@
 // © 2021-2024 Florian Kantelberg - initOS GmbH
 // License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
+import {AlertDialog} from "@web/core/confirmation_dialog/confirmation_dialog";
 import Dialog from "web.Dialog";
 import {FormController} from "@web/views/form/form_controller";
 import Importer from "vault.import";
+import {ListController} from "@web/views/list/list_controller";
 import {_lt} from "@web/core/l10n/translation";
 import framework from "web.framework";
 import {patch} from "@web/core/utils/patch";
@@ -288,7 +290,16 @@ patch(FormController.prototype, "vault", {
      * @param {Object} button
      */
     async _vaultAction(button) {
-        if (!utils.supported()) return false;
+        if (!utils.supported()) {
+            await this.dialogService.add(AlertDialog, {
+                title: _lt("Vault is not supported"),
+                body: _lt(
+                    "A secure browser context is required. Please switch to " +
+                        "https or contact your administrator"
+                ),
+            });
+            return false;
+        }
 
         const root = this.model.root;
         switch (root.resModel) {
@@ -331,6 +342,11 @@ patch(FormController.prototype, "vault", {
      * get/store information from/to the vault controller
      */
     setup() {
+        if (this.props.resModel === "vault" && !utils.supported()) {
+            this.props.preventCreate = true;
+            this.props.preventEdit = true;
+        }
+
         this._super(...arguments);
         this.rpc = useService("rpc");
     },
@@ -380,3 +396,11 @@ patch(FormController.prototype, "vault", {
         return await _super(...arguments);
     },
 });
+
+patch(ListController.prototype, "vault", {
+    setup() {
+        this._super(...arguments);
+        if (this.props.resModel === "vault" && !utils.supported())
+            this.props.showButtons = false;
+    },
+});

From 8f3d7633418991d149bf19334c7db0a3c49fcbbf Mon Sep 17 00:00:00 2001
From: oca-ci <oca-ci@odoo-community.org>
Date: Thu, 22 Feb 2024 15:10:43 +0000
Subject: [PATCH 69/71] [UPD] Update vault.pot

---
 vault/i18n/vault.pot | 222 ++++++++++++++++++++++++++++++-------------
 1 file changed, 155 insertions(+), 67 deletions(-)

diff --git a/vault/i18n/vault.pot b/vault/i18n/vault.pot
index 13361095c5..1ff8dfa7d6 100644
--- a/vault/i18n/vault.pot
+++ b/vault/i18n/vault.pot
@@ -4,7 +4,7 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: Odoo Server 15.0\n"
+"Project-Id-Version: Odoo Server 16.0\n"
 "Report-Msgid-Bugs-To: \n"
 "Last-Translator: \n"
 "Language-Team: \n"
@@ -14,32 +14,44 @@ msgstr ""
 "Plural-Forms: \n"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "%s '%s' of entry '%s'"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%s (copy)"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid ""
+"A secure browser context is required. Please switch to https or contact your"
+" administrator"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault_field.py:0
 #: model:ir.model,name:vault.model_vault_abstract_field
 #, python-format
@@ -47,6 +59,7 @@ msgid "Abstract model to implement basic fields for encryption"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #: model:ir.model,name:vault.model_vault_abstract
 #, python-format
@@ -165,6 +178,7 @@ msgid "Allowed Write"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "An error occured. Please contact the user or administrator"
@@ -181,7 +195,7 @@ msgid "By vault"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
@@ -193,7 +207,7 @@ msgid "Cancel"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
@@ -201,7 +215,7 @@ msgid "Cancelled"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
@@ -236,7 +250,7 @@ msgid "Config Settings"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
@@ -248,9 +262,9 @@ msgid "Content"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr ""
@@ -280,12 +294,14 @@ msgid "Created by"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Created by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
 msgid "Created by %s"
@@ -355,8 +371,8 @@ msgid "Display Name"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
 msgstr ""
@@ -367,7 +383,7 @@ msgid "Download"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
@@ -375,7 +391,7 @@ msgid "Enter"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
@@ -400,6 +416,7 @@ msgid "Entry"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model,name:vault.model_vault_entry
 #, python-format
@@ -407,6 +424,7 @@ msgid "Entry inside a vault"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Error"
@@ -434,6 +452,7 @@ msgid "Export Vaults"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -443,6 +462,7 @@ msgid "Export to file"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_export_wizard.py:0
 #: model:ir.model,name:vault.model_vault_export_wizard
 #, python-format
@@ -450,27 +470,28 @@ msgid "Export wizard for vaults"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export keys to object store"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export the keys to the database"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_field.py:0
 #: model:ir.model,name:vault.model_vault_field
 #, python-format
@@ -484,6 +505,7 @@ msgid "Fields"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_file.py:0
 #: model:ir.model,name:vault.model_vault_file
 #, python-format
@@ -513,15 +535,15 @@ msgid "Fingerprint"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
@@ -533,9 +555,9 @@ msgid "Grouped"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr ""
@@ -580,6 +602,7 @@ msgid "Import Vaults"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -589,6 +612,7 @@ msgid "Import from file"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard
 #, python-format
@@ -596,6 +620,7 @@ msgid "Import wizard for vaults"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard_path
 #, python-format
@@ -632,18 +657,21 @@ msgid "Include Childs"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Information"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #, python-format
 msgid "Invalid file to import from"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #: code:addons/vault/models/res_users_key.py:0
 #: code:addons/vault/models/res_users_key.py:0
@@ -652,6 +680,7 @@ msgid "Invalid parameter"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Invalid token"
@@ -692,8 +721,7 @@ msgid "Key"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/user_menu.esm.js:0
 #, python-format
 msgid "Key Management"
@@ -705,7 +733,7 @@ msgid "Key User"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
@@ -774,7 +802,7 @@ msgid "Last Updated on"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
@@ -790,6 +818,7 @@ msgid "Log"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #: model:ir.model,name:vault.model_vault_log
 #, python-format
@@ -819,13 +848,14 @@ msgid "Message"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Missing filename"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
@@ -864,6 +894,13 @@ msgstr ""
 msgid "Name of your secret:"
 msgstr ""
 
+#. module: vault
+#. odoo-python
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Neither a secret nor file was given"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 msgid "New inbox link"
@@ -875,12 +912,14 @@ msgid "New private key"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "No secret found"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
@@ -918,7 +957,7 @@ msgid "Parent Entry"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
@@ -940,7 +979,7 @@ msgid "Perm User"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/export.esm.js:0
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
@@ -948,27 +987,28 @@ msgid "Please enter the password for the database"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Please specify a name"
@@ -1014,19 +1054,19 @@ msgid "Salt"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "Save As..."
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr ""
@@ -1061,16 +1101,16 @@ msgid "Send"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_mixin.esm.js:0
 #, python-format
 msgid "Send the secret to another user"
 msgstr ""
@@ -1081,21 +1121,22 @@ msgid "Share"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Something went wrong with the encryption"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
@@ -1112,8 +1153,8 @@ msgid "Store"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_mixin.esm.js:0
 #, python-format
 msgid "Store the secret in a vault"
 msgstr ""
@@ -1124,6 +1165,7 @@ msgid "Submit secret"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Successfully stored"
@@ -1135,6 +1177,7 @@ msgid "Tags"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
@@ -1144,9 +1187,9 @@ msgid "The UUID must be unique."
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr ""
@@ -1157,20 +1200,21 @@ msgid "The files must end on one of the supported file type:"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "The following entries are broken:"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #, python-format
 msgid ""
@@ -1178,6 +1222,7 @@ msgid ""
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
 #, python-format
@@ -1185,6 +1230,7 @@ msgid "The tag must be unique!"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
 #, python-format
@@ -1197,7 +1243,7 @@ msgid "Token"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
@@ -1209,6 +1255,7 @@ msgid "Url"
 msgstr ""
 
 #. module: vault
+#: model:ir.model,name:vault.model_res_users
 #: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_log__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_right__user_id
@@ -1217,17 +1264,13 @@ msgid "User"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #: model:ir.model,name:vault.model_res_users_key
 #, python-format
 msgid "User data of a vault"
 msgstr ""
 
-#. module: vault
-#: model:ir.model,name:vault.model_res_users
-msgid "Users"
-msgstr ""
-
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
 msgid ""
@@ -1252,6 +1295,7 @@ msgid "Value"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: model:ir.actions.act_window,name:vault.action_vault
 #: model:ir.model,name:vault.model_vault
@@ -1272,6 +1316,34 @@ msgstr ""
 msgid "Vault"
 msgstr ""
 
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_field.esm.js:0
+#, python-format
+msgid "Vault Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
+#, python-format
+msgid "Vault File"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_field.esm.js:0
+#, python-format
+msgid "Vault Inbox Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_file.esm.js:0
+#, python-format
+msgid "Vault Inbox File"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
 msgid "Vault Right"
@@ -1283,6 +1355,7 @@ msgid "Vault Share"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox_log.py:0
 #: model:ir.model,name:vault.model_vault_inbox_log
 #, python-format
@@ -1290,6 +1363,14 @@ msgid "Vault inbox log"
 msgstr ""
 
 #. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid "Vault is not supported"
+msgstr ""
+
+#. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model,name:vault.model_vault_right
 #, python-format
@@ -1297,6 +1378,7 @@ msgid "Vault rights"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: model:ir.model,name:vault.model_vault_inbox
 #, python-format
@@ -1304,6 +1386,7 @@ msgid "Vault share incoming secrets"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model,name:vault.model_vault_tag
 #, python-format
@@ -1326,12 +1409,14 @@ msgid "Version"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Warning"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_store_wizard.py:0
 #: model:ir.model,name:vault.model_vault_store_wizard
 #, python-format
@@ -1339,6 +1424,7 @@ msgid "Wizard store a shared secret in a vault"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model,name:vault.model_vault_send_wizard
 #, python-format
@@ -1351,12 +1437,14 @@ msgid "Write"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Written by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "You can not create recursive entries."
@@ -1376,7 +1464,7 @@ msgid ""
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"

From 23d8df7e69306acdb299ff24c53dfbdf9a6b6724 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Thu, 22 Feb 2024 15:14:36 +0000
Subject: [PATCH 70/71] [BOT] post-merge updates

---
 README.md                      | 1 +
 setup/_metapackage/VERSION.txt | 2 +-
 setup/_metapackage/setup.py    | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index df694981e5..92de52a2b5 100644
--- a/README.md
+++ b/README.md
@@ -41,6 +41,7 @@ addon | version | maintainers | summary
 [users_ldap_groups](users_ldap_groups/) | 16.0.1.0.0 |  | Adds user accounts to groups based on rules defined by the administrator.
 [users_ldap_mail](users_ldap_mail/) | 16.0.1.0.0 | [![joao-p-marques](https://github.com/joao-p-marques.png?size=30px)](https://github.com/joao-p-marques) | LDAP mapping for user name and e-mail
 [users_ldap_populate](users_ldap_populate/) | 16.0.1.0.0 | [![joao-p-marques](https://github.com/joao-p-marques.png?size=30px)](https://github.com/joao-p-marques) | LDAP Populate
+[vault](vault/) | 16.0.1.0.0 |  | Password vault integration in Odoo
 
 [//]: # (end addons)
 
diff --git a/setup/_metapackage/VERSION.txt b/setup/_metapackage/VERSION.txt
index 9a0109d4fb..ef64b9af1c 100644
--- a/setup/_metapackage/VERSION.txt
+++ b/setup/_metapackage/VERSION.txt
@@ -1 +1 @@
-16.0.20231219.0
\ No newline at end of file
+16.0.20240222.0
\ No newline at end of file
diff --git a/setup/_metapackage/setup.py b/setup/_metapackage/setup.py
index 45298261ac..e0acedec55 100644
--- a/setup/_metapackage/setup.py
+++ b/setup/_metapackage/setup.py
@@ -28,6 +28,7 @@
         'odoo-addon-users_ldap_groups>=16.0dev,<16.1dev',
         'odoo-addon-users_ldap_mail>=16.0dev,<16.1dev',
         'odoo-addon-users_ldap_populate>=16.0dev,<16.1dev',
+        'odoo-addon-vault>=16.0dev,<16.1dev',
     ],
     classifiers=[
         'Programming Language :: Python',

From f3f295974926fe40f5e5f52e1b7a6d92463cf9f5 Mon Sep 17 00:00:00 2001
From: Weblate <noreply@weblate.org>
Date: Thu, 22 Feb 2024 16:23:11 +0000
Subject: [PATCH 71/71] Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-16.0/server-auth-16.0-vault
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-vault/
---
 vault/i18n/es.po | 205 ++++++++++++++++++++++++++++++++++-------------
 vault/i18n/nl.po | 205 ++++++++++++++++++++++++++++++++++-------------
 2 files changed, 298 insertions(+), 112 deletions(-)

diff --git a/vault/i18n/es.po b/vault/i18n/es.po
index b6682a9784..3358c5bda5 100644
--- a/vault/i18n/es.po
+++ b/vault/i18n/es.po
@@ -18,32 +18,44 @@ msgstr ""
 "X-Generator: Weblate 4.17\n"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr "%(action)s entrada %(name)s por %(user)s"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "%s '%s' of entry '%s'"
 msgstr "%s '%s' del registro '%s'"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%s (copy)"
 msgstr "%s (copia)"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid ""
+"A secure browser context is required. Please switch to https or contact your "
+"administrator"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
 msgstr "A-Z"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault_field.py:0
 #: model:ir.model,name:vault.model_vault_abstract_field
 #, python-format
@@ -51,6 +63,7 @@ msgid "Abstract model to implement basic fields for encryption"
 msgstr "Modelo abstracto para implementar los campos básicos de encriptación"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #: model:ir.model,name:vault.model_vault_abstract
 #, python-format
@@ -169,6 +182,7 @@ msgid "Allowed Write"
 msgstr "Permitido escribir"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "An error occured. Please contact the user or administrator"
@@ -187,7 +201,7 @@ msgid "By vault"
 msgstr "Por vault"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
@@ -198,14 +212,14 @@ msgid "Cancel"
 msgstr "Cancelar"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
 msgstr "Cancelado"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
@@ -240,7 +254,7 @@ msgid "Config Settings"
 msgstr "Opciones de Configuración"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
@@ -252,8 +266,8 @@ msgid "Content"
 msgstr "Contenido"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr "Copiar al portapapeles"
@@ -283,12 +297,14 @@ msgid "Created by"
 msgstr "Creado por"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Created by %(name)s via %(ip)s"
 msgstr "Creado por %(name)s a través de %(ip)s"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
 msgid "Created by %s"
@@ -358,8 +374,8 @@ msgid "Display Name"
 msgstr "Nombre a mostrar"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
 msgstr "¿Realmente quiere crear un nuevo par de claves y activarlo?"
@@ -370,14 +386,14 @@ msgid "Download"
 msgstr "Descargar"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Enter"
 msgstr "Ingrese a"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
@@ -402,6 +418,7 @@ msgid "Entry"
 msgstr "Registro"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model,name:vault.model_vault_entry
 #, python-format
@@ -409,6 +426,7 @@ msgid "Entry inside a vault"
 msgstr "Entrar al interior de un vault"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Error"
@@ -436,6 +454,7 @@ msgid "Export Vaults"
 msgstr "Exportar bóvedas"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -445,6 +464,7 @@ msgid "Export to file"
 msgstr "Exportar a fichero"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_export_wizard.py:0
 #: model:ir.model,name:vault.model_vault_export_wizard
 #, python-format
@@ -452,27 +472,28 @@ msgid "Export wizard for vaults"
 msgstr "Asistente de exportación para vaults"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export keys to object store"
 msgstr "Fallo en la exportación de claves al almacén de objetos"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export the keys to the database"
 msgstr "Fallo en la exportación de claves a la base de datos"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
 msgstr "Fallo en la importación de claves desde la base de datos"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_field.py:0
 #: model:ir.model,name:vault.model_vault_field
 #, python-format
@@ -486,6 +507,7 @@ msgid "Fields"
 msgstr "Campos"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_file.py:0
 #: model:ir.model,name:vault.model_vault_file
 #, python-format
@@ -515,14 +537,14 @@ msgid "Fingerprint"
 msgstr "Huella digital"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr "Generar"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
@@ -534,8 +556,8 @@ msgid "Grouped"
 msgstr "Agrupado"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr "Ocultar"
@@ -583,6 +605,7 @@ msgid "Import Vaults"
 msgstr "Importar bóvedas"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -592,6 +615,7 @@ msgid "Import from file"
 msgstr "Importar desde archivo"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard
 #, python-format
@@ -599,6 +623,7 @@ msgid "Import wizard for vaults"
 msgstr "Asistente de importación para vaults"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard_path
 #, python-format
@@ -635,24 +660,28 @@ msgid "Include Childs"
 msgstr "Incluir hijos"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Information"
 msgstr "Información"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #, python-format
 msgid "Invalid file to import from"
 msgstr "Archivo inválido para importar"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #, python-format
 msgid "Invalid parameter"
 msgstr "Parámetro no válido"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Invalid token"
@@ -693,8 +722,7 @@ msgid "Key"
 msgstr "Clave"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/user_menu.esm.js:0
 #, python-format
 msgid "Key Management"
@@ -706,7 +734,7 @@ msgid "Key User"
 msgstr "Clave de usuario"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
@@ -775,7 +803,7 @@ msgid "Last Updated on"
 msgstr "Última actualización en"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
@@ -791,6 +819,7 @@ msgid "Log"
 msgstr "Registro"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #: model:ir.model,name:vault.model_vault_log
 #, python-format
@@ -820,13 +849,14 @@ msgid "Message"
 msgstr "Mensaje"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Missing filename"
 msgstr "Falta el nombre del fichero"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
@@ -864,6 +894,13 @@ msgstr "Nombre"
 msgid "Name of your secret:"
 msgstr "Nombre de tu secreto:"
 
+#. module: vault
+#. odoo-python
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Neither a secret nor file was given"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 msgid "New inbox link"
@@ -875,12 +912,14 @@ msgid "New private key"
 msgstr "Nueva clave privada"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "No secret found"
 msgstr "No se ha encontrado ningún secreto"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
@@ -918,7 +957,7 @@ msgid "Parent Entry"
 msgstr "Registro padre"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
@@ -940,7 +979,7 @@ msgid "Perm User"
 msgstr "Usuario permanente"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/export.esm.js:0
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
@@ -948,27 +987,28 @@ msgid "Please enter the password for the database"
 msgstr "Por favor, introduzca la contraseña de la base de datos"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
 msgstr "Por favor, introduzca la contraseña de la base de datos keepass"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
 msgstr "Por favor, introduzca la contraseña de su clave privada"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
 msgstr "Por favor, introduzca su contraseña o cargue un archivo de claves:"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Please specify a name"
@@ -1014,15 +1054,16 @@ msgid "Salt"
 msgstr "Sal"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "Save As..."
 msgstr "Guardar como..."
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Guardar en un vault"
@@ -1057,15 +1098,15 @@ msgid "Send"
 msgstr "Enviar"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr "Enviar secreto a un usuario"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_mixin.esm.js:0
 #, python-format
 msgid "Send the secret to another user"
 msgstr "Enviar secreto a otro usuario"
@@ -1076,20 +1117,21 @@ msgid "Share"
 msgstr "Compartir"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr "Mostrar"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Something went wrong with the encryption"
 msgstr "Algo ha ido mal en el encriptado"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
@@ -1106,8 +1148,8 @@ msgid "Store"
 msgstr "Tienda"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_mixin.esm.js:0
 #, python-format
 msgid "Store the secret in a vault"
 msgstr "Guarda el secreto en un vault"
@@ -1118,6 +1160,7 @@ msgid "Submit secret"
 msgstr "Enviar secreto"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Successfully stored"
@@ -1129,6 +1172,7 @@ msgid "Tags"
 msgstr "Etiquetas"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
@@ -1138,8 +1182,9 @@ msgid "The UUID must be unique."
 msgstr "El UUID debe ser único."
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr "El campo está vacío, ¡no hay nada que guardar!"
@@ -1150,20 +1195,21 @@ msgid "The files must end on one of the supported file type:"
 msgstr "Los archivos deben terminar en uno de los tipos de archivo admitidos:"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "The following entries are broken:"
 msgstr "Los siguientes registros están rotos:"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
 msgstr "Las contraseñas no coinciden"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #, python-format
 msgid ""
@@ -1173,6 +1219,7 @@ msgstr ""
 "seguridad."
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
 #, python-format
@@ -1180,6 +1227,7 @@ msgid "The tag must be unique!"
 msgstr "¡La etiqueta debe ser única!"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
 #, python-format
@@ -1192,7 +1240,7 @@ msgid "Token"
 msgstr "Token"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
@@ -1204,6 +1252,7 @@ msgid "Url"
 msgstr "Url"
 
 #. module: vault
+#: model:ir.model,name:vault.model_res_users
 #: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_log__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_right__user_id
@@ -1212,17 +1261,13 @@ msgid "User"
 msgstr "Usuario"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #: model:ir.model,name:vault.model_res_users_key
 #, python-format
 msgid "User data of a vault"
 msgstr "Datos de usuario de un vault"
 
-#. module: vault
-#: model:ir.model,name:vault.model_res_users
-msgid "Users"
-msgstr "Usuarios"
-
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
 msgid ""
@@ -1250,6 +1295,7 @@ msgid "Value"
 msgstr "Valor"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: model:ir.actions.act_window,name:vault.action_vault
 #: model:ir.model,name:vault.model_vault
@@ -1270,6 +1316,34 @@ msgstr "Valor"
 msgid "Vault"
 msgstr "Bóveda"
 
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_field.esm.js:0
+#, python-format
+msgid "Vault Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
+#, python-format
+msgid "Vault File"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_field.esm.js:0
+#, python-format
+msgid "Vault Inbox Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_file.esm.js:0
+#, python-format
+msgid "Vault Inbox File"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
 msgid "Vault Right"
@@ -1281,6 +1355,7 @@ msgid "Vault Share"
 msgstr "Compartir vault"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox_log.py:0
 #: model:ir.model,name:vault.model_vault_inbox_log
 #, python-format
@@ -1288,6 +1363,14 @@ msgid "Vault inbox log"
 msgstr "Registro de bandeja de entrada de vault"
 
 #. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid "Vault is not supported"
+msgstr ""
+
+#. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model,name:vault.model_vault_right
 #, python-format
@@ -1295,6 +1378,7 @@ msgid "Vault rights"
 msgstr "Permisos de vault"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: model:ir.model,name:vault.model_vault_inbox
 #, python-format
@@ -1302,6 +1386,7 @@ msgid "Vault share incoming secrets"
 msgstr "Compartir los secretos de entrada de vault"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model,name:vault.model_vault_tag
 #, python-format
@@ -1324,12 +1409,14 @@ msgid "Version"
 msgstr "Versión"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Warning"
 msgstr "Advertencia"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_store_wizard.py:0
 #: model:ir.model,name:vault.model_vault_store_wizard
 #, python-format
@@ -1337,6 +1424,7 @@ msgid "Wizard store a shared secret in a vault"
 msgstr "Asistente de almacenado de secreto compartido en un vault"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model,name:vault.model_vault_send_wizard
 #, python-format
@@ -1349,12 +1437,14 @@ msgid "Write"
 msgstr "Escribir"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Written by %(name)s via %(ip)s"
 msgstr "Escrito por %(name)s vía %(ip)s"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "You can not create recursive entries."
@@ -1381,7 +1471,7 @@ msgstr ""
 "continuar?"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"
@@ -1394,6 +1484,9 @@ msgstr "a-z"
 msgid "or"
 msgstr "o"
 
+#~ msgid "Users"
+#~ msgstr "Usuarios"
+
 #, python-format
 #~ msgid ""
 #~ "This will re-encrypt everything in the vault. Do you want to proceed?"
diff --git a/vault/i18n/nl.po b/vault/i18n/nl.po
index f68e2479c0..eeb7fc93f9 100644
--- a/vault/i18n/nl.po
+++ b/vault/i18n/nl.po
@@ -17,32 +17,44 @@ msgstr ""
 "X-Generator: Weblate 4.14.1\n"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%(action)s entry %(name)s by %(user)s"
 msgstr "%(action)s toegang %(name)s door %(user)s"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "%s '%s' of entry '%s'"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "%s (copy)"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid ""
+"A secure browser context is required. Please switch to https or contact your "
+"administrator"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "A-Z"
 msgstr "A-Z"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault_field.py:0
 #: model:ir.model,name:vault.model_vault_abstract_field
 #, python-format
@@ -50,6 +62,7 @@ msgid "Abstract model to implement basic fields for encryption"
 msgstr "Abstract model om basisvelden voor encryptie te implementeren"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #: model:ir.model,name:vault.model_vault_abstract
 #, python-format
@@ -168,6 +181,7 @@ msgid "Allowed Write"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "An error occured. Please contact the user or administrator"
@@ -185,7 +199,7 @@ msgid "By vault"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_import_wizard
@@ -196,14 +210,14 @@ msgid "Cancel"
 msgstr "Annuleer"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Cancelled"
 msgstr "Geannuleerd"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Characters:"
@@ -238,7 +252,7 @@ msgid "Config Settings"
 msgstr "Configuratie-instellingen"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Confirm your password:"
@@ -250,8 +264,8 @@ msgid "Content"
 msgstr "Inhoud"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Copy to clipboard"
 msgstr "Kopiëren naar klembord"
@@ -281,12 +295,14 @@ msgid "Created by"
 msgstr "Aangemaakt door"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Created by %(name)s via %(ip)s"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #, python-format
 msgid "Created by %s"
@@ -356,8 +372,8 @@ msgid "Display Name"
 msgstr "Schermnaam"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "Do you really want to create a new key pair and set it active?"
 msgstr "Wilt u echt een nieuw sleutelpaar aanmaken en activeren?"
@@ -368,14 +384,14 @@ msgid "Download"
 msgstr "Download"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Enter"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Enter your password:"
@@ -400,6 +416,7 @@ msgid "Entry"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model,name:vault.model_vault_entry
 #, python-format
@@ -407,6 +424,7 @@ msgid "Entry inside a vault"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Error"
@@ -434,6 +452,7 @@ msgid "Export Vaults"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -443,6 +462,7 @@ msgid "Export to file"
 msgstr "Export naar bestand"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_export_wizard.py:0
 #: model:ir.model,name:vault.model_vault_export_wizard
 #, python-format
@@ -450,27 +470,28 @@ msgid "Export wizard for vaults"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export keys to object store"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to export the keys to the database"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Failed to import keys from database"
 msgstr "Kan geen sleutels uit database importeren"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_field.py:0
 #: model:ir.model,name:vault.model_vault_field
 #, python-format
@@ -484,6 +505,7 @@ msgid "Fields"
 msgstr "Velden"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_file.py:0
 #: model:ir.model,name:vault.model_vault_file
 #, python-format
@@ -513,14 +535,14 @@ msgid "Fingerprint"
 msgstr "Fingerprint"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Generate"
 msgstr "Genereer"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Generate a new secret:"
@@ -532,8 +554,8 @@ msgid "Grouped"
 msgstr "Gegroepeerd"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Hide"
 msgstr "Verbergen"
@@ -578,6 +600,7 @@ msgid "Import Vaults"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model_terms:ir.ui.view,arch_db:vault.view_vault_entry_form
@@ -587,6 +610,7 @@ msgid "Import from file"
 msgstr "Importeren uit bestand"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard
 #, python-format
@@ -594,6 +618,7 @@ msgid "Import wizard for vaults"
 msgstr "Wizard voor het importeren van kluizen"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #: model:ir.model,name:vault.model_vault_import_wizard_path
 #, python-format
@@ -630,24 +655,28 @@ msgid "Include Childs"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Information"
 msgstr "Informatie"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_import_wizard.py:0
 #, python-format
 msgid "Invalid file to import from"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #, python-format
 msgid "Invalid parameter"
 msgstr "Ongeldige parameter"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Invalid token"
@@ -688,8 +717,7 @@ msgid "Key"
 msgstr "Sleutel"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/user_menu.esm.js:0
 #, python-format
 msgid "Key Management"
@@ -701,7 +729,7 @@ msgid "Key User"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Keyfile:"
@@ -770,7 +798,7 @@ msgid "Last Updated on"
 msgstr "Laatst bijgewerkt op"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Length:"
@@ -786,6 +814,7 @@ msgid "Log"
 msgstr "Log"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #: model:ir.model,name:vault.model_vault_log
 #, python-format
@@ -815,13 +844,14 @@ msgid "Message"
 msgstr "Bericht"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Missing filename"
 msgstr "Ontbrekende bestandsnaam"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "Missing password"
@@ -859,6 +889,13 @@ msgstr "Naam"
 msgid "Name of your secret:"
 msgstr ""
 
+#. module: vault
+#. odoo-python
+#: code:addons/vault/wizards/vault_send_wizard.py:0
+#, python-format
+msgid "Neither a secret nor file was given"
+msgstr ""
+
 #. module: vault
 #: model_terms:ir.ui.view,arch_db:vault.view_users_form_keys_modif
 msgid "New inbox link"
@@ -870,12 +907,14 @@ msgid "New private key"
 msgstr "Nieuwe privésleutel"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "No secret found"
 msgstr "Geen geheim gevonden"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_inbox_value_check
@@ -913,7 +952,7 @@ msgid "Parent Entry"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Password:"
@@ -935,7 +974,7 @@ msgid "Perm User"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/export.esm.js:0
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
@@ -943,27 +982,28 @@ msgid "Please enter the password for the database"
 msgstr "Voer het wachtwoord van de database in"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Please enter the password for the keepass database"
 msgstr "Voer het wachtwoord van de keepass database in"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/vault.esm.js:0
 #, python-format
 msgid "Please enter the password for your private key"
 msgstr "Voer het wachtwoord voor uw privésleutel in"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Please enter your password or upload a keyfile:"
 msgstr "Voer uw wachtwoord in of upload een keyfile:"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Please specify a name"
@@ -1009,15 +1049,16 @@ msgid "Salt"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "Save As..."
 msgstr "Opslaan als..."
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Save in a vault"
 msgstr "Opslaan in een kluis"
@@ -1052,15 +1093,15 @@ msgid "Send"
 msgstr "Verzenden"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Send the secret to an user"
 msgstr "Verzend het geheim naar een gebruiker"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_mixin.esm.js:0
 #, python-format
 msgid "Send the secret to another user"
 msgstr "Verzend het geheim naar een andere gebruiker"
@@ -1071,20 +1112,21 @@ msgid "Share"
 msgstr "Delen"
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/backend/templates.xml:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/templates.xml:0
 #, python-format
 msgid "Show"
 msgstr "Toon"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Something went wrong with the encryption"
 msgstr "Er ging iets mis met de encryptie"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "Special"
@@ -1101,8 +1143,8 @@ msgid "Store"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_mixin.esm.js:0
 #, python-format
 msgid "Store the secret in a vault"
 msgstr ""
@@ -1113,6 +1155,7 @@ msgid "Submit secret"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/controllers/main.py:0
 #, python-format
 msgid "Successfully stored"
@@ -1124,6 +1167,7 @@ msgid "Tags"
 msgstr "Labels"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: code:addons/vault/models/vault_entry.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_entry_vault_uuid_uniq
@@ -1133,8 +1177,9 @@ msgid "The UUID must be unique."
 msgstr "De UUID moet uniek zijn."
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_widget.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_export_file.esm.js:0
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
 #, python-format
 msgid "The field is empty, there's nothing to save!"
 msgstr ""
@@ -1145,20 +1190,21 @@ msgid "The files must end on one of the supported file type:"
 msgstr ""
 
 #. module: vault
-#. openerp-web
-#: code:addons/vault/static/src/legacy/vault_controller.js:0
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
 #, python-format
 msgid "The following entries are broken:"
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/common/utils.esm.js:0
 #, python-format
 msgid "The passwords aren't matching"
 msgstr "De wachtwoorden komen niet overeen"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/abstract_vault.py:0
 #, python-format
 msgid ""
@@ -1166,6 +1212,7 @@ msgid ""
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_tag_name_uniq
 #, python-format
@@ -1173,6 +1220,7 @@ msgid "The tag must be unique!"
 msgstr "Het label moet uniek zijn!"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model.constraint,message:vault.constraint_vault_right_user_uniq
 #, python-format
@@ -1185,7 +1233,7 @@ msgid "Token"
 msgstr "Token"
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/import.esm.js:0
 #, python-format
 msgid "Unsupported file to import"
@@ -1197,6 +1245,7 @@ msgid "Url"
 msgstr "Url"
 
 #. module: vault
+#: model:ir.model,name:vault.model_res_users
 #: model:ir.model.fields,field_description:vault.field_res_users_key__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_log__user_id
 #: model:ir.model.fields,field_description:vault.field_vault_right__user_id
@@ -1205,17 +1254,13 @@ msgid "User"
 msgstr "Gebruiker"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/res_users_key.py:0
 #: model:ir.model,name:vault.model_res_users_key
 #, python-format
 msgid "User data of a vault"
 msgstr ""
 
-#. module: vault
-#: model:ir.model,name:vault.model_res_users
-msgid "Users"
-msgstr "Gebruikers"
-
 #. module: vault
 #: model:ir.model.fields,help:vault.field_vault_inbox__inbox_link
 msgid ""
@@ -1240,6 +1285,7 @@ msgid "Value"
 msgstr "Waarde"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault.py:0
 #: model:ir.actions.act_window,name:vault.action_vault
 #: model:ir.model,name:vault.model_vault
@@ -1260,6 +1306,34 @@ msgstr "Waarde"
 msgid "Vault"
 msgstr ""
 
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_field.esm.js:0
+#, python-format
+msgid "Vault Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_file.esm.js:0
+#, python-format
+msgid "Vault File"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_field.esm.js:0
+#, python-format
+msgid "Vault Inbox Field"
+msgstr ""
+
+#. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/fields/vault_inbox_file.esm.js:0
+#, python-format
+msgid "Vault Inbox File"
+msgstr ""
+
 #. module: vault
 #: model:ir.model.fields,field_description:vault.field_res_users__vault_right_ids
 msgid "Vault Right"
@@ -1271,6 +1345,7 @@ msgid "Vault Share"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox_log.py:0
 #: model:ir.model,name:vault.model_vault_inbox_log
 #, python-format
@@ -1278,6 +1353,14 @@ msgid "Vault inbox log"
 msgstr ""
 
 #. module: vault
+#. odoo-javascript
+#: code:addons/vault/static/src/backend/controller.esm.js:0
+#, python-format
+msgid "Vault is not supported"
+msgstr ""
+
+#. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_right.py:0
 #: model:ir.model,name:vault.model_vault_right
 #, python-format
@@ -1285,6 +1368,7 @@ msgid "Vault rights"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #: model:ir.model,name:vault.model_vault_inbox
 #, python-format
@@ -1292,6 +1376,7 @@ msgid "Vault share incoming secrets"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_tag.py:0
 #: model:ir.model,name:vault.model_vault_tag
 #, python-format
@@ -1314,12 +1399,14 @@ msgid "Version"
 msgstr "Versie"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_log.py:0
 #, python-format
 msgid "Warning"
 msgstr "Waarschuwing"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_store_wizard.py:0
 #: model:ir.model,name:vault.model_vault_store_wizard
 #, python-format
@@ -1327,6 +1414,7 @@ msgid "Wizard store a shared secret in a vault"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/wizards/vault_send_wizard.py:0
 #: model:ir.model,name:vault.model_vault_send_wizard
 #, python-format
@@ -1339,12 +1427,14 @@ msgid "Write"
 msgstr ""
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_inbox.py:0
 #, python-format
 msgid "Written by %(name)s via %(ip)s"
 msgstr "Geschreven door %(name)s via %(ip)s"
 
 #. module: vault
+#. odoo-python
 #: code:addons/vault/models/vault_entry.py:0
 #, python-format
 msgid "You can not create recursive entries."
@@ -1365,7 +1455,7 @@ msgid ""
 msgstr ""
 
 #. module: vault
-#. openerp-web
+#. odoo-javascript
 #: code:addons/vault/static/src/backend/templates.xml:0
 #, python-format
 msgid "a-z"
@@ -1378,6 +1468,9 @@ msgstr "a-z"
 msgid "or"
 msgstr "of"
 
+#~ msgid "Users"
+#~ msgstr "Gebruikers"
+
 #, python-format
 #~ msgid ""
 #~ "This will re-encrypt everything in the vault. Do you want to proceed?"