Skip to content

GitLab

Open
Created by Dmytro Katyukha@katyukhaOwner

Add ability to use temporary auth for JSON-RPC requests

Currently, when we try to do JSON-RPC request via temporary auth credentials, we got following error:

Traceback (most recent call last):
  File "/opt/odoo/odoo/odoo/http.py", line 656, in _handle_exception
    return super(JsonRequest, self)._handle_exception(exception)
  File "/opt/odoo/odoo/odoo/http.py", line 314, in _handle_exception
    raise pycompat.reraise(type(exception), exception, sys.exc_info()[2])
  File "/opt/odoo/odoo/odoo/tools/pycompat.py", line 87, in reraise
    raise value
  File "/opt/odoo/odoo/odoo/http.py", line 698, in dispatch
    result = self._call_function(**self.params)
  File "/opt/odoo/odoo/odoo/http.py", line 346, in _call_function
    return checked_call(self.db, *args, **kwargs)
  File "/opt/odoo/odoo/odoo/service/model.py", line 98, in wrapper
    return f(dbname, *args, **kwargs)
  File "/opt/odoo/odoo/odoo/http.py", line 339, in checked_call
    result = self.endpoint(*a, **kw)
  File "/opt/odoo/odoo/odoo/http.py", line 941, in __call__
    return self.method(*args, **kw)
  File "/opt/odoo/odoo/odoo/http.py", line 519, in response_wrap
    response = f(*args, **kw)
  File "/opt/odoo/odoo/addons/web/controllers/main.py", line 967, in call_button
    action = self._call_kw(model, method, args, {})
  File "/opt/odoo/odoo/addons/web/controllers/main.py", line 955, in _call_kw
    return call_kw(request.env[model], method, args, kwargs)
  File "/opt/odoo/odoo/odoo/api.py", line 759, in call_kw
    return _call_kw_multi(method, model, args, kwargs)
  File "/opt/odoo/odoo/odoo/api.py", line 746, in _call_kw_multi
    result = method(recs, *args, **kwargs)
  File "/opt/odoo/custom_addons/yodoo_environment/wizards/environment_initialize.py", line 120, in do_create
    'yodoo_cockpit.oi_odoo_base_domain', self.basedomain)
  File "/opt/odoo/venv/lib/python3.7/site-packages/odoo_rpc_client/orm/object.py", line 102, in wrapper
    **kwargs)
  File "/opt/odoo/venv/lib/python3.7/site-packages/odoo_rpc_client/service/object.py", line 44, in execute
    kwargs)
  File "/opt/odoo/venv/lib/python3.7/site-packages/odoo_rpc_client/connection/jsonrpc.py", line 120, in __call__
    data=error.get('data', None))
odoo_rpc_client.connection.jsonrpc.JSONRPCError: Access Denied
Traceback (most recent call last):
  File "/opt/odoo/odoo/odoo/tools/cache.py", line 85, in lookup
    r = d[key]
  File "/opt/odoo/odoo/odoo/tools/func.py", line 71, in wrapper
    return func(self, *args, **kwargs)
  File "/opt/odoo/odoo/odoo/tools/lru.py", line 34, in __getitem__
    a = self.d[obj]
KeyError: ('res.users', <function Users.check at 0x7fedb5d81940>, 1, 'e5cdc5c8-cd62-49ab-831a-6ea9dd697e08')


The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/opt/odoo/odoo/odoo/addons/base/models/ir_http.py", line 237, in _dispatch
    result = request.dispatch()
  File "/opt/odoo/odoo/odoo/http.py", line 687, in dispatch
    result = self._call_function(**self.params)
  File "/opt/odoo/odoo/odoo/http.py", line 359, in _call_function
    return checked_call(self.db, *args, **kwargs)
  File "/opt/odoo/odoo/odoo/service/model.py", line 94, in wrapper
    return f(dbname, *args, **kwargs)
  File "/opt/odoo/odoo/odoo/http.py", line 348, in checked_call
    result = self.endpoint(*a, **kw)
  File "/opt/odoo/odoo/odoo/http.py", line 916, in __call__
    return self.method(*args, **kw)
  File "/opt/odoo/odoo/odoo/http.py", line 535, in response_wrap
    response = f(*args, **kw)
  File "/opt/odoo/odoo/odoo/addons/base/controllers/rpc.py", line 101, in jsonrpc
    return dispatch_rpc(service, method, args)
  File "/opt/odoo/odoo/odoo/http.py", line 141, in dispatch_rpc
    result = dispatch(method, params)
  File "/opt/odoo/odoo/odoo/service/model.py", line 37, in dispatch
    security.check(db,uid,passwd)
  File "/opt/odoo/odoo/odoo/service/security.py", line 9, in check
    return res_users.check(db, uid, passwd)
  File "<decorator-gen-106>", line 2, in check
  File "/opt/odoo/odoo/odoo/tools/cache.py", line 90, in lookup
    value = d[key] = self.method(*args, **kwargs)
  File "/opt/odoo/odoo/odoo/addons/base/models/res_users.py", line 752, in check
    raise AccessDenied()
Exception

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/opt/odoo/odoo/odoo/http.py", line 643, in _handle_exception
    return super(JsonRequest, self)._handle_exception(exception)
  File "/opt/odoo/odoo/odoo/http.py", line 301, in _handle_exception
    raise exception.with_traceback(None) from new_cause
odoo.exceptions.AccessDenied: Access Denied

Because, temporary auth credentials are safe, we have to be able to use them to run JSON-RPC requests.

To fix this issue, we could override check method on res.users model, to check temporary auth credentials first.