From 8dd675af6a631200c8a37b43fc64a84941616f3f Mon Sep 17 00:00:00 2001 From: Ajmal JK Date: Fri, 7 Feb 2020 11:56:36 +0530 Subject: [PATCH] [FIX] Bug fixed incorrect password 'access_restriction_by_ip' --- access_restriction_by_ip/__manifest__.py | 2 +- access_restriction_by_ip/controllers/main.py | 49 ++++++++++++------- access_restriction_by_ip/doc/RELEASE_NOTES.md | 5 ++ 3 files changed, 36 insertions(+), 20 deletions(-) diff --git a/access_restriction_by_ip/__manifest__.py b/access_restriction_by_ip/__manifest__.py index bdb2677ac..af0393632 100644 --- a/access_restriction_by_ip/__manifest__.py +++ b/access_restriction_by_ip/__manifest__.py @@ -19,7 +19,7 @@ { 'name': 'Access Restriction By IP', 'summary': """User Can Access His Account Only From Specified IP Address""", - 'version': '13.0.1.0.0', + 'version': '13.0.1.0.1', 'description': """User Can Access His Account Only From Specified IP Address""", 'author': 'Cybrosys Techno Solutions', 'company': 'Cybrosys Techno Solutions', diff --git a/access_restriction_by_ip/controllers/main.py b/access_restriction_by_ip/controllers/main.py index e59cbac1d..9a526c659 100644 --- a/access_restriction_by_ip/controllers/main.py +++ b/access_restriction_by_ip/controllers/main.py @@ -47,32 +47,43 @@ class Home(main.Home): old_uid = request.uid ip_address = request.httprequest.environ['REMOTE_ADDR'] if request.params['login']: - user_rec = request.env['res.users'].sudo().search([('login', '=', request.params['login'])]) + user_rec = request.env['res.users'].sudo().search( + [('login', '=', request.params['login'])]) if user_rec.allowed_ips: ip_list = [] for rec in user_rec.allowed_ips: ip_list.append(rec.ip_address) if ip_address in ip_list: - uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) - if uid is not False: - request.params['login_success'] = True - if not redirect: - redirect = '/web' - return http.redirect_with_hash(redirect) + try: + uid = request.session.authenticate( + request.session.db, + request.params[ + 'login'], + request.params[ + 'password']) + request.params['login_success'] = True + return http.redirect_with_hash( + self._login_redirect(uid, redirect=redirect)) + except odoo.exceptions.AccessDenied as e: + request.uid = old_uid + if e.args == odoo.exceptions.AccessDenied().args: + values['error'] = _("Wrong login/password") + else: request.uid = old_uid - values['error'] = _("Wrong login/password") - request.uid = old_uid - values['error'] = _("Not allowed to login from this IP") + values['error'] = _("Not allowed to login from this IP") else: - uid = request.session.authenticate(request.session.db, request.params['login'], - request.params['password']) - if uid is not False: + try: + uid = request.session.authenticate(request.session.db, + request.params[ + 'login'], + request.params[ + 'password']) request.params['login_success'] = True - if not redirect: - redirect = '/web' - return http.redirect_with_hash(redirect) - request.uid = old_uid - values['error'] = _("Wrong login/password") - + return http.redirect_with_hash( + self._login_redirect(uid, redirect=redirect)) + except odoo.exceptions.AccessDenied as e: + request.uid = old_uid + if e.args == odoo.exceptions.AccessDenied().args: + values['error'] = _("Wrong login/password") return request.render('web.login', values) diff --git a/access_restriction_by_ip/doc/RELEASE_NOTES.md b/access_restriction_by_ip/doc/RELEASE_NOTES.md index c78d175f5..6e293e09f 100644 --- a/access_restriction_by_ip/doc/RELEASE_NOTES.md +++ b/access_restriction_by_ip/doc/RELEASE_NOTES.md @@ -3,3 +3,8 @@ #### 02.08.2019 #### Version 13.0.1.0.0 #### ADD Initial Commit for access_restriction_by_ip + +#### 02.08.2019 +#### Version 13.0.1.0.1 +#### FIX +#### Bug Fixed