[IMP] mail, google_gmail, microsoft_outlook: simplify the mail servers creation

addons/google_gmail/__init__.py

@@ -3,3 +3,4 @@
 
 from . import controllers
 from . import models
+from . import wizard

addons/google_gmail/__manifest__.py

@@ -3,7 +3,7 @@
 
 {
     "name": "Google Gmail",
-    "version": "1.2",
+    "version": "1.3",
     "category": "Hidden",
     "description": "Gmail support for incoming / outgoing mail servers",
     "depends": [
@@ -13,13 +13,9 @@
         "views/fetchmail_server_views.xml",
         "views/ir_mail_server_views.xml",
         "views/res_config_settings_views.xml",
+        "security/ir.model.access.csv",
     ],
     "auto_install": True,
     "author": "Odoo S.A.",
     "license": "LGPL-3",
-    "assets": {
-        "web.assets_backend": [
-            "google_gmail/static/src/scss/google_gmail.scss",
-        ]
-    },
 }

addons/google_gmail/controllers/main.py

@@ -35,35 +35,54 @@ def google_gmail_callback(self, code=None, state=None, error=None, **kwargs):
             model_name = state['model']
             rec_id = state['id']
             csrf_token = state['csrf_token']
+            email = state['email']
         except Exception:
             _logger.error('Google Gmail: Wrong state value %r.', state)
             raise Forbidden()
 
+        record = self._get_gmail_record(model_name, rec_id, csrf_token)
+
+        GmailToken = request.env['google.gmail.token']
+
+        try:
+            refresh_token, access_token, expiration = GmailToken._fetch_gmail_refresh_token(code)
+        except UserError:
+            return _('An error occur during the authentication process.')
+
+        return self._redirect_to_gmail_record(email, access_token, expiration, refresh_token, record)
+
+    @http.route('/google_gmail/iap_confirm', type='http', auth='user')
+    def google_gmail_iap_callback(self, model, rec_id, email, csrf_token, access_token, refresh_token, expiration, **kwargs):
+        record = self._get_gmail_record(model, rec_id, csrf_token)
+        return self._redirect_to_gmail_record(email, access_token, expiration, refresh_token, record)
+
+    def _get_gmail_record(self, model_name, rec_id, csrf_token):
+        """Return the record after checking the CSRF token."""
         model = request.env[model_name]
 
         if not isinstance(model, request.env.registry['google.gmail.mixin']):
             # The model must inherits from the "google.gmail.mixin" mixin
+            _logger.error('Error during Gmail OAuth process, wrong model %r.', model_name)
             raise Forbidden()
 
-        record = model.browse(rec_id).exists()
+        record = model.browse(int(rec_id)).exists()
         if not record:
+            _logger.error('Error during Gmail OAuth process, record does not exist %r #%r.', model_name, rec_id)
             raise Forbidden()
 
         if not csrf_token or not consteq(csrf_token, record._get_gmail_csrf_token()):
             _logger.error('Google Gmail: Wrong CSRF token during Gmail authentication.')
             raise Forbidden()
 
-        try:
-            refresh_token, access_token, expiration = record._fetch_gmail_refresh_token(code)
-        except UserError:
-            return _('An error occur during the authentication process.')
+        return record
 
-        record.write({
+    def _redirect_to_gmail_record(self, email, access_token, expiration, refresh_token, record):
+        # update existing token or create a new one
+        request.env['google.gmail.token']._search_or_create(email, {
             'google_gmail_access_token': access_token,
             'google_gmail_access_token_expiration': expiration,
-            'google_gmail_authorization_code': code,
             'google_gmail_refresh_token': refresh_token,
         })
 
-        url = f'/odoo/{model_name}/{rec_id}'
-        return request.redirect(url)
+        # redirect to the record form view
+        return request.redirect(f'/odoo/{record._name}/{record.id}')

addons/google_gmail/models/__init__.py

@@ -4,5 +4,6 @@
 from . import google_gmail_mixin
 
 from . import fetchmail_server
+from . import google_gmail_token
 from . import ir_mail_server
 from . import res_config_settings

addons/google_gmail/models/fetchmail_server.py

@@ -2,21 +2,26 @@
 # Part of Odoo. See LICENSE file for full copyright and licensing details.
 
 from odoo import _, api, fields, models
+from odoo.exceptions import UserError
 
 
 class FetchmailServer(models.Model):
     _name = 'fetchmail.server'
     _inherit = ['fetchmail.server', 'google.gmail.mixin']
+    _email_field = 'user'
+    _server_type_field = 'server_type'
 
-    server_type = fields.Selection(selection_add=[('gmail', 'Gmail OAuth Authentication')], ondelete={'gmail': 'set default'})
+    server_type = fields.Selection(
+        selection_add=[('gmail', 'Gmail OAuth Authentication')],
+        ondelete={'gmail': 'set default'})
 
     def _compute_server_type_info(self):
-        gmail_servers = self.filtered(lambda server: server.server_type == 'gmail')
+        gmail_servers, normal_servers = self._split_gmail_servers()
         gmail_servers.server_type_info = _(
             'Connect your Gmail account with the OAuth Authentication process. \n'
             'You will be redirected to the Gmail login page where you will '
             'need to accept the permission.')
-        super(FetchmailServer, self - gmail_servers)._compute_server_type_info()
+        super(FetchmailServer, normal_servers)._compute_server_type_info()
 
     @api.onchange('server_type', 'is_ssl', 'object_id')
     def onchange_server_type(self):
@@ -26,10 +31,7 @@ def onchange_server_type(self):
             self.is_ssl = True
             self.port = 993
         else:
-            self.google_gmail_authorization_code = False
-            self.google_gmail_refresh_token = False
-            self.google_gmail_access_token = False
-            self.google_gmail_access_token_expiration = False
+            self.google_gmail_token_id = False
             super(FetchmailServer, self).onchange_server_type()
 
     def _imap_login(self, connection):
@@ -39,7 +41,9 @@ def _imap_login(self, connection):
         """
         self.ensure_one()
         if self.server_type == 'gmail':
-            auth_string = self._generate_oauth2_string(self.user, self.google_gmail_refresh_token)
+            if not self.google_gmail_token_id:
+                raise UserError(_('Please login to your Gmail account.'))
+            auth_string = self.google_gmail_token_id._generate_oauth2_string()
             connection.authenticate('XOAUTH2', lambda x: auth_string)
             connection.select('INBOX')
         else: