diff --git a/website_require_login/README.rst b/website_require_login/README.rst new file mode 100644 index 0000000000..1c26eddb17 --- /dev/null +++ b/website_require_login/README.rst @@ -0,0 +1,81 @@ +====================== +Website Login Required +====================== + +.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png + :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html + :alt: License: LGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fwebsite-lightgray.png?logo=github + :target: https://github.com/OCA/website/tree/14.0/website_require_login + :alt: OCA/website +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/website-14-0/website-14-0-website_require_login + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png + :target: https://runbot.odoo-community.org/runbot/186/14.0 + :alt: Try me on Runbot + +|badge1| |badge2| |badge3| |badge4| |badge5| + +This module allows to restrict access to specific website pages to logged users. + +**Table of contents** + +.. contents:: + :local: + +Usage +===== + +Website > Configuration > Authorization required URLs: select a website and enter a relative path, eg: /shop + +When public user will try to access mywebsite.com/shop or any of its child pages, they will be requested to login. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us smashing it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +~~~~~~~ + +* Advitus MB +* Ooops + +Contributors +~~~~~~~~~~~~ + +* Ooops404 + +Maintainers +~~~~~~~~~~~ + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/website `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/website_require_login/__init__.py b/website_require_login/__init__.py new file mode 100644 index 0000000000..60cb7a94f1 --- /dev/null +++ b/website_require_login/__init__.py @@ -0,0 +1,4 @@ +# Copyright 2020 Advitus MB +# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl-3.0). + +from . import models diff --git a/website_require_login/__manifest__.py b/website_require_login/__manifest__.py new file mode 100644 index 0000000000..7dc343fb3e --- /dev/null +++ b/website_require_login/__manifest__.py @@ -0,0 +1,21 @@ +# Copyright 2020 Advitus MB +# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl-3.0). + +{ + "name": "Website Login Required", + "category": "Website", + "version": "14.0.1.0.0", + "author": "Advitus MB, Ooops, Odoo Community Association (OCA)", + "website": "https://github.com/OCA/website", + "license": "LGPL-3", + "depends": [ + "website", + ], + "data": [ + "security/ir.model.access.csv", + "views/website_auth_url.xml", + "data/ir_actions.xml", + "data/ir_ui_menu.xml", + ], + "installable": True, +} diff --git a/website_require_login/data/ir_actions.xml b/website_require_login/data/ir_actions.xml new file mode 100644 index 0000000000..886a574c39 --- /dev/null +++ b/website_require_login/data/ir_actions.xml @@ -0,0 +1,12 @@ + + + + + Authorization required URLs + website.auth.url + tree + + current + + + diff --git a/website_require_login/data/ir_ui_menu.xml b/website_require_login/data/ir_ui_menu.xml new file mode 100644 index 0000000000..87d7d56be0 --- /dev/null +++ b/website_require_login/data/ir_ui_menu.xml @@ -0,0 +1,12 @@ + + + + + + diff --git a/website_require_login/i18n/website_require_login.pot b/website_require_login/i18n/website_require_login.pot new file mode 100644 index 0000000000..d982b85332 --- /dev/null +++ b/website_require_login/i18n/website_require_login.pot @@ -0,0 +1,87 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * website_require_login +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 14.0\n" +"Report-Msgid-Bugs-To: \n" +"Last-Translator: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: website_require_login +#: model:ir.actions.act_window,name:website_require_login.action_website_auth_url +#: model:ir.model,name:website_require_login.model_website_auth_url +#: model:ir.ui.menu,name:website_require_login.menu_website_auth_url +#: model_terms:ir.ui.view,arch_db:website_require_login.website_auth_url_tree_view +msgid "Authorization required URLs" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__create_uid +msgid "Created by" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__create_date +msgid "Created on" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_ir_http__display_name +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__display_name +msgid "Display Name" +msgstr "" + +#. module: website_require_login +#: model:ir.model,name:website_require_login.model_ir_http +msgid "HTTP Routing" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_ir_http__id +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__id +msgid "ID" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_ir_http____last_update +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url____last_update +msgid "Last Modified on" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__write_uid +msgid "Last Updated by" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__write_date +msgid "Last Updated on" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__path +msgid "Path" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,help:website_require_login.field_website_auth_url__path +msgid "" +"Relative URL path and subpath. Ex.: /shop will restrict /shop, " +"/shop/product, etc." +msgstr "" + +#. module: website_require_login +#: model:ir.model.constraint,message:website_require_login.constraint_website_auth_url_path_unique +msgid "The path must be unique per website!" +msgstr "" + +#. module: website_require_login +#: model:ir.model.fields,field_description:website_require_login.field_website_auth_url__website_id +msgid "Website" +msgstr "" diff --git a/website_require_login/models/__init__.py b/website_require_login/models/__init__.py new file mode 100644 index 0000000000..1705202e27 --- /dev/null +++ b/website_require_login/models/__init__.py @@ -0,0 +1,5 @@ +# Copyright 2020 Advitus MB +# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl-3.0). + +from . import ir_http +from . import website_auth_url diff --git a/website_require_login/models/ir_http.py b/website_require_login/models/ir_http.py new file mode 100644 index 0000000000..72ee73b57f --- /dev/null +++ b/website_require_login/models/ir_http.py @@ -0,0 +1,36 @@ +# Copyright 2020 Advitus MB +# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl-3.0). +from pathlib import Path + +from odoo import models +from odoo.http import request + + +class IrHttp(models.AbstractModel): + _inherit = "ir.http" + + @classmethod + def _dispatch(cls): + res = super(IrHttp, cls)._dispatch() + + # if not website request - skip + + website = request.env["website"].sudo().get_current_website() + if not website: + return res + if request.uid == website.user_id.id: + auth_paths = ( + request.env["website.auth.url"] + .sudo() + .search( + [ + ("website_id", "=", website.id), + ] + ) + .mapped("path") + ) + path = request.httprequest.path + for auth_path in auth_paths: + if auth_path == path or Path(auth_path) in Path(path).parents: + return request.redirect("/web/login?redirect=%s" % path) + return res diff --git a/website_require_login/models/website_auth_url.py b/website_require_login/models/website_auth_url.py new file mode 100644 index 0000000000..35a8a4ccd6 --- /dev/null +++ b/website_require_login/models/website_auth_url.py @@ -0,0 +1,30 @@ +# Copyright 2020 Advitus MB +# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl-3.0). + +from odoo import fields, models + + +class WebsiteAuthURL(models.Model): + _name = "website.auth.url" + _description = "Authorization required URLs" + + website_id = fields.Many2one( + comodel_name="website", + required=True, + ) + + path = fields.Char( + required=True, + help=( + "Relative URL path and subpath. " + "Ex.: /shop will restrict /shop, /shop/product, etc." + ), + ) + + _sql_constraints = [ + ( + "path_unique", + "unique (website_id, path)", + "The path must be unique per website!", + ) + ] diff --git a/website_require_login/readme/CONTRIBUTORS.rst b/website_require_login/readme/CONTRIBUTORS.rst new file mode 100644 index 0000000000..b5f195b844 --- /dev/null +++ b/website_require_login/readme/CONTRIBUTORS.rst @@ -0,0 +1 @@ +* Ooops404 diff --git a/website_require_login/readme/DESCRIPTION.rst b/website_require_login/readme/DESCRIPTION.rst new file mode 100644 index 0000000000..ce26df0921 --- /dev/null +++ b/website_require_login/readme/DESCRIPTION.rst @@ -0,0 +1 @@ +This module allows to restrict access to specific website pages to logged users. diff --git a/website_require_login/readme/USAGE.rst b/website_require_login/readme/USAGE.rst new file mode 100644 index 0000000000..4c2b178cdf --- /dev/null +++ b/website_require_login/readme/USAGE.rst @@ -0,0 +1,3 @@ +Website > Configuration > Authorization required URLs: select a website and enter a relative path, eg: /shop + +When public user will try to access mywebsite.com/shop or any of its child pages, they will be requested to login. diff --git a/website_require_login/security/ir.model.access.csv b/website_require_login/security/ir.model.access.csv new file mode 100644 index 0000000000..d4e9707222 --- /dev/null +++ b/website_require_login/security/ir.model.access.csv @@ -0,0 +1,2 @@ +id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink +access_website_auth_url,access_website_auth_url,model_website_auth_url,website.group_website_designer,1,1,1,1 diff --git a/website_require_login/static/description/icon.png b/website_require_login/static/description/icon.png new file mode 100644 index 0000000000..3a0328b516 Binary files /dev/null and b/website_require_login/static/description/icon.png differ diff --git a/website_require_login/static/description/index.html b/website_require_login/static/description/index.html new file mode 100644 index 0000000000..d2a75b8265 --- /dev/null +++ b/website_require_login/static/description/index.html @@ -0,0 +1,426 @@ + + + + + + +Website Login Required + + + +
+

Website Login Required

+ + +

Beta License: LGPL-3 OCA/website Translate me on Weblate Try me on Runbot

+

This module allows to restrict access to specific website pages to logged users.

+

Table of contents

+ +
+

Usage

+

Website > Configuration > Authorization required URLs: select a website and enter a relative path, eg: /shop

+

When public user will try to access mywebsite.com/shop or any of its child pages, they will be requested to login.

+
+
+

Bug Tracker

+

Bugs are tracked on GitHub Issues. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us smashing it by providing a detailed and welcomed +feedback.

+

Do not contact contributors directly about support or help with technical issues.

+
+
+

Credits

+
+

Authors

+
    +
  • Advitus MB
  • +
  • Ooops
  • +
+
+ +
+

Maintainers

+

This module is maintained by the OCA.

+Odoo Community Association +

OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use.

+

This module is part of the OCA/website project on GitHub.

+

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

+
+
+
+ + diff --git a/website_require_login/tests/__init__.py b/website_require_login/tests/__init__.py new file mode 100644 index 0000000000..e2983aa2a4 --- /dev/null +++ b/website_require_login/tests/__init__.py @@ -0,0 +1 @@ +from . import test_ir_http diff --git a/website_require_login/tests/test_ir_http.py b/website_require_login/tests/test_ir_http.py new file mode 100644 index 0000000000..23d31cf2ed --- /dev/null +++ b/website_require_login/tests/test_ir_http.py @@ -0,0 +1,37 @@ +from odoo.tests import HttpCase + + +class TestIrHttp(HttpCase): + def setUp(self): + super().setUp() + self.website = self.env["website"].sudo().get_current_website() + self.auth_url = self.env["website.auth.url"].create( + {"website_id": self.website.id, "path": "/contactus"} + ) + self.user = self.env["res.users"].create( + {"name": "Test User", "login": "test_user", "password": "12345"} + ) + self.path = "/contactus" + self.expected_path = "/web/login?redirect=%s" % self.path + + def test_dispatch_unauthorized(self): + # Test that an unauthorized user cannot access "/auth_path + self.authenticate(None, None) + response = self.url_open(self.path, allow_redirects=False) + self.assertEqual( + response.status_code, + 302, + "Expected the response status code to be 302 indicating a redirect", + ) + + self.assertIn(self.expected_path, response.headers["Location"]) + + def test_dispatch_authorized(self): + # Test that an authorized user can access "/auth_path + self.authenticate(user="test_user", password="12345") + response = self.url_open(self.path) + self.assertEqual( + response.status_code, + 200, + "Expected the response status code to be 200 which means no redirection", + ) diff --git a/website_require_login/views/website_auth_url.xml b/website_require_login/views/website_auth_url.xml new file mode 100644 index 0000000000..c60e9e218b --- /dev/null +++ b/website_require_login/views/website_auth_url.xml @@ -0,0 +1,15 @@ + + + + + website.auth.url + website.auth.url + + + + + + + + +