双份密码
ODOO配置LDAP模式后,同一个用户有本地密码和LDAP密码,可相同也可不同,两个密码只要任意一个通过验证都可以登录系统
本地密码
本地密码修改需要先验证旧密码是否正确,根据上条定律任意一个本地或远程原密码通过验证即可更新本地新密码
远程密码
远程密码可以做为超级密码来不断重置本地密码
管理模式
配置新增ldap_binddn_admin布尔属性用于确认是否启用LDAP binddn管理员模式,即授权SUPERUSER直接修改用户LDAP远程密码
改密区别
1、本地和LDAP密码相同,本地和LDAP都更新为新密码
2、本地和LDAP密码不同,本地旧密码通过验证,直接更新本地新密码,但LDAP无法通过验证同步修改
3、本地和LDAP密码不同,LDAP旧密码通过验证,直接更新本地与LDAP新密码
odoo列表视图分页默认80条记录,但可以点击切换选择200、500、2000、无限制,相关源码如下:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
/** * Render the pager according to the ListView.pager template and add listeners on it. * Set this.$pager with the produced jQuery element * @param {jQuery} [$node] a jQuery node where the rendered pager should be inserted * $node may be undefined, in which case the ListView inserts the pager into this.options.$pager * or into a div of its template */ render_pager: function($node) { if (!this.$pager && this.options.pager) { var self = this; this.$pager = $(QWeb.render("ListView.pager", {'widget': self})); this.$pager .on('click', 'a[data-pager-action]', function () { var $this = $(this); var max_page_index = Math.ceil(self.dataset.size() / self._limit) - 1; switch ($this.data('pager-action')) { case 'first': self.page = 0; break; case 'last': self.page = max_page_index; break; case 'next': self.page += 1; break; case 'previous': self.page -= 1; break; } if (self.page < 0) { self.page = max_page_index; } else if (self.page > max_page_index) { self.page = 0; } self.reload_content(); }).find('.oe_list_pager_state') .click(function (e) { e.stopPropagation(); var $this = $(this); var $select = $('<select>') .appendTo($this.empty()) .click(function (e) {e.stopPropagation();}) .append('<option value="80">80</option>' + '<option value="200">200</option>' + '<option value="500">500</option>' + '<option value="2000">2000</option>' + '<option value="NaN">' + _t("Unlimited") + '</option>') .change(function () { var val = parseInt($select.val(), 10); self._limit = (isNaN(val) ? null : val); self.page = 0; self.reload_content(); }).blur(function() { $(this).trigger('change'); }) .val(self._limit || 'NaN'); }); this.configure_pager(this.dataset); $node = $node || this.options.$pager; if ($node) { this.$pager.appendTo($node); } else { this.$('.oe_list_pager').replaceWith(this.$pager); } } } |
如果系统运行许久积累了大量数据,特别是互联网海量应用,这个无限制就造成了一个性能上的隐患
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
var ListView = require('web.ListView'); ListView.include({ render_pager: function ($node) { var self = this; self._super.apply(self, arguments); if (self.$pager && self.options.pager) { self.$pager.find('.oe_list_pager_state').click(function(e){ e.stopPropagation(); $(this).find("select").children("option:last").remove(); }); } } }); |
这里通过继承渲染分页方法,在点击分页信息动态生成记录条数选择的事件上优雅的移除掉最后一个无限制选项
分组日期格式自定义
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
@api.model def _read_group_process_groupby(self, gb, query): #自定义格式 display_formats = { # Careful with week/year formats: # - yyyy (lower) must always be used, *except* for week+year formats # - YYYY (upper) must always be used for week+year format # e.g. 2006-01-01 is W52 2005 in some locales (de_DE), # and W1 2006 for others # # Mixing both formats, e.g. 'MMM YYYY' would yield wrong results, # such as 2006-01-01 being formatted as "January 2005" in some locales. # Cfr: http://babel.pocoo.org/docs/dates/#date-fields 'day': 'yyyy-MM-dd', # yyyy = normal year 'week': "yyyy-w", # w YYYY = ISO week-year 'month': 'yyyy-MM', 'quarter': 'yyyy-QQ', 'year': 'yyyy', } annotate = super(Model, self)._read_group_process_groupby(gb=gb, query=query) if annotate.get('display_format'): gb = annotate.get('groupby','') split = gb.split(':') #默认月 gb_function = split[1] if len(split) == 2 else 'month' #覆盖超类默认格式 annotate["display_format"] = display_formats.get(gb_function,"") return annotate |
排序日期默认倒序
|
1 2 3 4 5 6 7 8 9 |
@api.model def read_group(self, domain, fields, groupby, offset=0, limit=None, context=None, orderby=False, lazy=True): if not orderby and groupby and len(groupby) == 1: first_group_field = groupby[0] #日期分组 if len(first_group_field.split(":")) == 2: #默认倒序 orderby = "%s desc" % first_group_field return super(Model, self).read_group(domain=domain, fields=fields, groupby=groupby, offset=offset, limit=limit, context=context, orderby=orderby, lazy=lazy) |
odoo原生内置google maps,导致中国大部分区域不仅无法正常使用,用户浏览器一直加载到超时还拖慢了网站整体
相关源码:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
class res_partner(osv.osv): _inherit = "res.partner" def google_map_img(self, cr, uid, ids, zoom=8, width=298, height=298, context=None): partner = self.browse(cr, uid, ids[0], context=context) params = { 'center': '%s, %s %s, %s' % (partner.street or '', partner.city or '', partner.zip or '', partner.country_id and partner.country_id.name_get()[0][1] or ''), 'size': "%sx%s" % (height, width), 'zoom': zoom, 'sensor': 'false', } return urlplus('//maps.googleapis.com/maps/api/staticmap' , params) def google_map_link(self, cr, uid, ids, zoom=10, context=None): partner = self.browse(cr, uid, ids[0], context=context) params = { 'q': '%s, %s %s, %s' % (partner.street or '', partner.city or '', partner.zip or '', partner.country_id and partner.country_id.name_get()[0][1] or ''), 'z': zoom, } return urlplus('https://maps.google.com/maps' , params) |
可见针对联系人扩展了静态地图和外链地图两个接口,其参数都是通过模块自身的国家、邮编、城市、街道等地址相关字段构成
了解上诉原理之后,参照百度地图开放平台API,梳理出相近接口的参数异同点后,完全可以改造成具有中国特色的odoo maps
核心代码:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
class ResPartner(models.Model): _inherit = "res.partner" def baidu_map_img(self, zoom=15, width=298, height=298): country_name = self.country_id and self.country_id.name or '' state_name = self.state_id and self.state_id.name or '' city_name = self.city or '' street_name = self.street or '' street2_name = self.street2 or '' params = { 'markers': '%s' % street2_name, 'center': '%s%s%s%s' % (country_name, state_name, city_name, street_name), 'height': "%s" % height, 'width': "%s" % width, 'zoom': zoom, 'copyright': 1, } #http://lbsyun.baidu.com/index.php?title=static return urlplus('//api.map.baidu.com/staticimage' , params) def baidu_map_link(self): partner_name = self.name city_name = self.city or '' street2_name = self.street2 or '' params = { 'address': '%s,%s,%s' % (city_name, street2_name, partner_name), 'output': 'html', 'src': 'odoo', } #http://lbsyun.baidu.com/index.php?title=uri return urlplus('//api.map.baidu.com/geocoder' , params) |
最后顺便将其整合到odoo开源模块Website China Features里,有需要可直接从官方应用市场下载使用
https://apps.odoo.com/apps/modules/9.0/website_china_features/
odoo有些模块包含website功能,这就依赖了website这个重量级模块
很多时候仅仅想用其核心功能,并不想因此造成首页变成企业网站
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
# -*- coding: utf-8 -*- import logging from openerp import http from openerp.http import request from openerp.addons.website.controllers.main import Website logger = logging.getLogger(__name__) class WebsiteDisabled(Website): @http.route(auth="none", website=False) def index(self, **kw): return http.local_redirect('/web', query=request.params, keep_hash=True) |
odoo支持dbfilter配置用于实现多域名对应多账套,dbfilter是一个python标准正则字符串,并支持特殊的%h、%d这两个动态参数
根据源代码剖析(odoo8、odoo9)
openerp/http.py
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
def db_filter(dbs, httprequest=None): httprequest = httprequest or request.httprequest #请求域名去除端口号,如果有的话 h = httprequest.environ.get('HTTP_HOST', '').split(':')[0] #分割域名取主机名,即多级域名最左边段 d, _, r = h.partition('.') #如主机名为www且有下一段取第二段为主机名 if d == "www" and r: d = r.partition('.')[0] #动态正则支持,%h替换为域名,%d替换为主机名 r = openerp.tools.config['dbfilter'].replace('%h', h).replace('%d', d) #正则筛选匹配的数据库列表 dbs = [i for i in dbs if re.match(r, i)] return dbs |
由此可见,绝大部分有规律的映射需求都可以得到满足。惟有那些情况特殊,完全没有规则可言的:比如SEO需要、历史数据库命名混乱、甚至多个一级域名只对一个数据库的需求就悲剧了
这里举一个理想的openerp-server.conf扩展配置特例
|
1 2 3 4 5 6 7 8 9 10 11 |
dbfilter = %m dbfilter_zhunlian.net = www-zhunlian-net dbfilter_www.zhunlian.net = www-zhunlian-net dbfilter_wap.zhunlian.net = www-zhunlian-net dbfilter_higk.com = www-higk-com dbfilter_www.higk.com = www-higk-com dbfilter_wap.higk.com = www-higk-com dbfilter_higk.com.cn = www-higk-com dbfilter_www.higk.com.cn = www-higk-com dbfilter_higk.net = www-higk-com dbfilter_www.higk.net = www-higk-com |
首先新增支持%m特别参数,用来开启域名数据库映射复杂模式
其次新增支持dbfilter_前缀的域名映射独立配置指定数据库名称(www-zhunlian-net、www-higk-com)
最后迫不得已新增插入两行精炼的源代码
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
def db_filter(dbs, httprequest=None): httprequest = httprequest or request.httprequest h = httprequest.environ.get('HTTP_HOST', '').split(':')[0] d, _, r = h.partition('.') if d == "www" and r: d = r.partition('.')[0] r = openerp.tools.config['dbfilter'].replace('%h', h).replace('%d', d) #开启域名数据库映射复杂模式 if r == '%m': #尝试获取域名独立配置,如无指定则映射同名数据库名,相当于保底%h功能以减少标准配置 r = openerp.tools.config.get('dbfilter_%s' % h, h) dbs = [i for i in dbs if re.match(r, i)] return dbs |
注:一个域名必备的.号在正则表达式领域可用于匹配任意字符,所以域名全称作为正则也可以根据需要匹配出一组数据库列表,如域名renjie.me可同时匹配出数据库名为renjie.me、renjie-me、renjie@me等等相似名称的数据库
odoo自带的auth_ldap模块虽然实现了ldap统一账户的验证,但如果用户一旦修改密码就变成同名的本地用户。这是因为odoo默认先验证本地res.users信息,如果没有记录,或者有记录但密码字段为空才会去ldap服务器验证
根据其原理,可以在修改密码的时候对接上ldap的密码信息就完美了,但用modify指令写入的userPassword值是原文存储,即明文直接写入在服务器也是明文,这就需要在请求端预先加密成ldap标准的密文格式
网上看到有很多php的实现都是要写点代码什么的,照葫芦折腾几下才发现python的passlib库居然有现成拿来即用的函数
|
1 2 3 |
>>> from passlib.hash import ldap_salted_sha1 as ssha >>> ssha.encrypt("test", salt_size=16) '{SSHA}tiULq3HOY1XRLW+bjGkHe3awnZCHcE5JSam1tnaOce49B4Dw' |
以此类推
|
1 2 3 |
>>> import passlib.hash >>> dir(passlib.hash) ['__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__format__', '__getattr__', '__getattribute__', '__hash__', '__init__', '__module__', '__name__', '__new__', '__package__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', 'apr_md5_crypt', 'atlassian_pbkdf2_sha1', 'bcrypt', 'bcrypt_sha256', 'bigcrypt', 'bsd_nthash', 'bsdi_crypt', 'cisco_pix', 'cisco_type7', 'crypt16', 'cta_pbkdf2_sha1', 'des_crypt', 'django_bcrypt', 'django_bcrypt_sha256', 'django_des_crypt', 'django_disabled', 'django_pbkdf2_sha1', 'django_pbkdf2_sha256', 'django_salted_md5', 'django_salted_sha1', 'dlitz_pbkdf2_sha1', 'fshp', 'grub_pbkdf2_sha512', 'hex_md4', 'hex_md5', 'hex_sha1', 'hex_sha256', 'hex_sha512', 'htdigest', 'ldap_bcrypt', 'ldap_bsdi_crypt', 'ldap_des_crypt', 'ldap_hex_md5', 'ldap_hex_sha1', 'ldap_md5', 'ldap_md5_crypt', 'ldap_pbkdf2_sha1', 'ldap_pbkdf2_sha256', 'ldap_pbkdf2_sha512', 'ldap_plaintext', 'ldap_salted_md5', 'ldap_salted_sha1', 'ldap_sha1', 'ldap_sha1_crypt', 'ldap_sha256_crypt', 'ldap_sha512_crypt', 'lmhash', 'md5_crypt', 'msdcc', 'msdcc2', 'mssql2000', 'mssql2005', 'mysql323', 'mysql41', 'nthash', 'oracle10', 'oracle11', 'pbkdf2_sha1', 'pbkdf2_sha256', 'pbkdf2_sha512', 'phpass', 'plaintext', 'postgres_md5', 'roundup_plaintext', 'scram', 'sha1_crypt', 'sha256_crypt', 'sha512_crypt', 'sun_md5_crypt', 'unix_disabled', 'unix_fallback'] |
其中ldap_bcrypt,ldap_bsdi_crypt,ldap_des_crypt,ldap_hex_md5,ldap_hex_sha1,ldap_md5,ldap_md5_crypt,ldap_pbkdf2_sha1,ldap_pbkdf2_sha256,ldap_pbkdf2_sha512,ldap_plaintext,ldap_salted_md5,ldap_salted_sha1,ldap_sha1,ldap_sha1_crypt,ldap_sha256_crypt,ldap_sha512_crypt等都是ldap加密相关的兄弟函数,可谓是应有尽有非常丰富,看来在odoo端直接集成phpLDAPadmin里各种类型的加密密码更新都是易事了
odoo以开发者模式运行的话,能自动检测所有的addons目录的代码变动情况自动进行reload
这个机制对于python代码来说是够用的,但是对csv安全规则、xml数据及视图模版来说还需要更新模块才能使其生效
今天由于逐个测试安全规则条目,不断的手工更新模块不胜其烦,只好深入研究一下
odoo9开始已经将开发者模式依赖的pyinotify替换为watchdog,可能是后者的应用范围更广把,不仅提供python库,还附带shell工具
那就学习下这个叫watchmedo的命令行工具吧
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
(python)[srj@x1c odoo9]$ watchmedo --help usage: watchmedo [-h] [--version] {tricks-from,tricks-generate-yaml,log,shell-command,auto-restart} ... positional arguments: {tricks-from,tricks-generate-yaml,log,shell-command,auto-restart} tricks-from Subcommand to execute tricks from a tricks configuration file. :param args: Command line argument options. tricks-generate-yaml Subcommand to generate Yaml configuration for tricks named on the command line. :param args: Command line argument options. log Subcommand to log file system events to the console. :param args: Command line argument options. shell-command Subcommand to execute shell commands in response to file system events. :param args: Command line argument options. auto-restart Subcommand to start a long-running subprocess and restart it on matched events. :param args: Command line argument options. optional arguments: -h, --help show this help message and exit --version show program's version number and exit |
看到auto-restart参数后真是让人眼前一亮,根据提示继续学习二级参数
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
(python)[srj@x1c odoo9]$ watchmedo auto-restart -h usage: watchmedo auto-restart [-h] [-d directory] [-p PATTERNS] [-i IGNORE_PATTERNS] [-D] [-R] [--interval TIMEOUT] [--signal SIGNAL] [--kill-after KILL_AFTER] command [arg [arg ...]] Subcommand to start a long-running subprocess and restart it on matched events. :param args: Command line argument options. positional arguments: command Long-running command to run in a subprocess. arg Command arguments. Note: Use -- before the command arguments, otherwise watchmedo will try to interpret them. (default: -) optional arguments: -h, --help show this help message and exit -d directory, --directory directory Directory to watch. Use another -d or --directory option for each directory. (default: -) -p PATTERNS, --pattern PATTERNS, --patterns PATTERNS matches event paths with these patterns (separated by ;). (default: '*') -i IGNORE_PATTERNS, --ignore-pattern IGNORE_PATTERNS, --ignore-patterns IGNORE_PATTERNS ignores event paths with these patterns (separated by ;). (default: '') -D, --ignore-directories ignores events for directories (default: False) -R, --recursive monitors the directories recursively (default: False) --interval TIMEOUT, --timeout TIMEOUT use this as the polling interval/blocking timeout (default: 1.0) --signal SIGNAL stop the subprocess with this signal (default SIGINT) (default: 'SIGINT') --kill-after KILL_AFTER when stopping, kill the subprocess after the specified timeout (default 10) (default: 10.0) |
真是太强大了,本以为还要写点小代码什么的,没想到几个选项就可以灵活组合出一个小型的监控工具
|
1 |
watchmedo auto-restart -R -p="*.py;*.xml;*.csv" -d /home/srj/Git/Odoo/custom_addons/account_simple/ -- ./odoo.py -c c.conf -d test9 -u account_simple |
-R是目录递归监控
-p是文件模式匹配,主要是排除前端资源和pyc
-d是指定监控目录
–是watchmedo与odoo各自的命令行参数分割线
至此odoo的模块开发效率又提高了一个层次:)
云服务器上传jpg图片提示IOError错误
|
1 2 3 4 5 |
File "/usr/lib64/python2.7/site-packages/PIL/ImageFile.py", line 200, in load d = Image._getdecoder(self.mode, d, a, self.decoderconfig) File "/usr/lib64/python2.7/site-packages/PIL/Image.py", line 417, in _getdecoder raise IOError("decoder %s not available" % decoder_name) IOError: decoder jpeg not available |
初步判断是python pil库依赖的底层jpeg lib问题
但是本机正常无法重现,于是检查环境
|
1 2 3 4 |
[srj@x1c ~]$ yum list installed|grep jpeg libjpeg-turbo.x86_64 1.2.90-5.el7 @anaconda libjpeg-turbo-devel.x86_64 1.2.90-5.el7 @anaconda openjpeg-libs.x86_64 1.5.1-10.el7 @anaconda |
对比了下发现服务器环境没有libjpeg-turbo-devel.x86_64立马补装一个,重启odoo服务错误依旧,于是继续更新Pillow库
|
1 2 3 4 5 6 7 8 9 10 |
[root@demo ~]# pip install --upgrade Pillow Collecting Pillow Downloading Pillow-3.1.0.tar.gz (9.9MB) 100% |████████████████████████████████| 9.9MB 42kB/s Installing collected packages: Pillow Found existing installation: Pillow 2.7.0 Uninstalling Pillow-2.7.0: Successfully uninstalled Pillow-2.7.0 Running setup.py install for Pillow Successfully installed Pillow-3.1.0 |
重启odoo服务问题解决
最后回顾了下odoo requirements.txt:
odoo8 Pillow==2.5.1
odoo9 Pillow==2.7.0
其实所谓更新无非是重新安装编译一下Pillow库,没想到直接升级到3.1.0版本,希望没有什么副作用:)
odoo联系人相关的信息全部存储在res.partner对象里,包括供应商、客户、员工等个人及公司相关的信息都可以归纳入内
|
1 |
partner_id = fields.Many2one('res.partner', required=True) |
二次开发经常会直接关联该对象可以少造很多轮子,但由于其新建联系人的默认视图view_partner_form是一个非常重且包含好多类型设置又被各种业务模块继承扩展过的大视图,这就需要为不同的应用场景开发对应业务信息的轻量级自定义视图
最开始我是从继承res.partner并重写其@api.model的fields_view_get方法来完成的
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
@api.model def fields_view_get(self, view_id=None, view_type=False, toolbar=False, submenu=False): def get_view_id(name): view = self.env['ir.ui.view'].search([('name', '=', name)], limit=1) if not view: return None return view.id context_view_name = self._context.get('view_name') if context_view_name: ##重置context指定视图 view_id = get_view_id(context_view_name) return super(res_partner, self).fields_view_get( view_id=view_id, view_type=view_type, toolbar=toolbar, submenu=submenu) |
使用很简单view context新增一个view_name属性指定自定义视图名称即可
|
1 |
<field name="partner_id" context="{'view_name': 'res.partner.daybook.form'}"/> |
当后来对其它对象也有同样需求的时候就基本确定我悲剧的造了一个小轮子
因为这个需求是非常合理,如果要一个个对象去继承重写是非常不实现的,至少也要在共同的父类上做对接
根据这个思路从openerp.osv.Model一直寻找到openerp.models.Model的fields_view_get父级方法,其中有一段代码让人眼前一亮
|
1 2 3 4 5 6 7 8 9 10 11 12 |
# try to find a view_id if none provided if not view_id: # <view_type>_view_ref in context can be used to overrride the default view view_ref_key = view_type + '_view_ref' view_ref = context.get(view_ref_key) if view_ref: if '.' in view_ref: module, view_ref = view_ref.split('.', 1) cr.execute("SELECT res_id FROM ir_model_data WHERE model='ir.ui.view' AND module=%s AND name=%s", (module, view_ref)) view_ref_res = cr.fetchone() if view_ref_res: view_id = view_ref_res[0] |
这不就是传说中解决分类自选视图的相关代码:类型、模块名、视图ID确定一个视图
马上删除之前所有相关代码,view context按如下规则修改直接应用
|
1 |
<field name="partner_id" context="{'form_view_ref': '模块名.视图ID'}"/> |
至此,对odoo一切都是models的理念又有了进一步的理解