-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ADD] 'auth_generate_password' module to generate randomly user's password #92
Conversation
@ALL : Travis fails if 'mail_environment' is installed. ( so it doesn't fail in UNITEST mode); How can I solve the problem ? UPDATE:
|
👍 (and sorry for not replying last week) |
Please, | ||
<ul> | ||
<li>remember this password and delete this email;</li> | ||
<li>Communicate the password to your team, if you are many people to use the same credentials;</li> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/if you are to use/if there are many people that are using
👍 |
2 👍, but the runbot is failing. |
et_obj = self.pool['email.template'] | ||
password_size = eval(icp_obj.get_param( | ||
cr, uid, 'auth_generate_password.password_size')) | ||
password_chars = eval(icp_obj.get_param( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe you may
try:
int(cp_obj.get_param(
cr, uid, 'auth_generate_password.password_size'))
except:
raise except_orm(_("error"), _("Only digit chars authorized"))
Except use of eval, it is ok for me |
Thanks, but it only works for password_size not for password_chars. |
…ypted in database;
e56b4ef
to
7ad4fbf
Compare
@pedrobaeza, @hbrunn, @bealdav : runbot is now green. (after a simple rebase). kind regards. |
There is also a PR to prevent users from changing passwords: #249 |
|
||
- !record {model: ir.config_parameter, id: password_size}: | ||
key: auth_generate_password.password_size | ||
value: 6 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO 6 is quite a bad default. I would have 12, or at least 10.
Also, I guess this ought to be created with noupdate="1"
...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you know how to set noupdate in a yml file ?
6 -> 12 : agree.
@dreispt :
Yes, you're right. When I'll port this module, I'll remove this feature from this module. (my module is a V7, and you're pointing a V8 PR) ; |
I'm still concerned that parameters get overwritten on a module upgrade. |
@dreispt :
I can figure out your PoV, but it depends how do you apply settings on your database. 2/ you realize changes by a custom module: So, there is no perfect settings. My personal case (2), I write a 'custom_module' and in this module I put all my specific configuration, and so I can recover a complete demo environment, if I want. What do you think ? But yes, I could understand that all ir.config_parameter should be noupdatable... |
@legalsylvain AFAIK mopdules should expect parameters to be modified by power users through the GUI. So 1/ is case to support, and Odoo has the tooling for that. You will need to convert the YML to XML. |
or write a yaml stanza that modifies the generated ir.model.data record (I never use yaml, no idea if there's a better way to do it) Concerning update/noupdate: You can have both of it. Set it to noupdate in this module, depending modules can do this: <data noupdate="1">
<function model="ir.model.data" name="write">
<function model="ir.model.data" name="search">
<value eval="[('module', '=', 'auth_generate_password'), ('name', '=', 'password_size')]" />
</function>
<value eval="{'noupdate': False}" />
</function>
</data>
<data>
<!-- change the noupdate record /-->
</data>
<data noupdate="1">
<function model="ir.model.data" name="write">
<function model="ir.model.data" name="search">
<value eval="[('module', '=', 'auth_generate_password'), ('name', '=', 'password_size')]" />
</function>
<value eval="{'noupdate': True}" />
</function>
</data> This pattern allows us to change noupdate records on module installation, but doesn't mess with the records on subsequent updates |
All good, but it would be safer to add to the module description a "Roadmap" section explaining that the restrict password changing feature should be removed when porting to 8.0. |
@dreispt : done. |
Thanks! 👍 |
[ADD] 'auth_generate_password' module to generate randomly user's password
[PRT][REN] Added module web_hide_db_manager_link, as a port to v8 of web...
[FIX] base_report_to_printer: A button method should be @api.multi
Propose to the community a simple module to:
The type of password is defined in two parameters: