Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

6

how to show the "manage database" page for particular user (like administrator) in Openerp V8?

By
phoebe
on 7/11/14, 2:44 AM 14,636 views

I know in V8, to access to the 'manage database' page, there's no button directly link to that page, you need to access by url http://localhost:8069/web/database/manager#action=database_manager.

I don't want everyone has the access right to move to that page, is there's method I can set a pass word for that url? or can I decide only administrator can access to that page?

Anyone can help me? 

i'm also looking to restrict this in the same manner as you would with .htaccess in Apache (eg. restrict access to a certain fixed IP). I'll post back here if I find a solution.

Luke Branch
on 7/11/14, 3:51 AM

Hi Luke, happy to hear that ! Looking forward to your feedback.

phoebe
on 7/15/14, 10:06 PM
Hi Luke,

I received your answer in odoo help website, really happy that someone had the same concern with me on odoo new version.

I noticed you're also from HK, if you don't mind, maybe you can leave your email address or skype so we can share (OE) information in the future? What do you think? 



Best Regards

Phoebe Huang
Rooms For (Hong Kong) Limited
Skype: phoebeh0330



On Fri, Jul 11, 2014 at 3:51 PM, Luke <luke-weairsoft-com@openerp.my.openerp.com> wrote:

i'm also looking to restrict this in the same manner as you would with .htaccess in Apache (eg. restrict access to a certain fixed IP). I'll post back here if I find a solution.

--
Luke Sent by OpenERP S.A. using OpenERP. Access your messages and documents in Odoo

phoebe
on 7/15/14, 10:16 PM

Why don't you script inside the webpage? Check which user is logged in with which preferences.. if the scenario you want matches you show the button that redirects to the /web/database/manager page. If this doesn't match you don't show the button.

Yenthe
on 10/7/14, 7:58 AM

@phoebe: I updated my custom module code to restrict DBManager page redirect to password page.

Prakash
on 10/8/14, 8:18 AM

Is there any solution now?

Thomas Quelle
on 10/7/14, 7:54 AM

Thomas the solution is given in the post below here. This is pretty much your prototype.

Yenthe
on 1/2/15, 3:15 AM

updated GitHub Source Code https://github.com/prakashsukraj/Odoo-DBRestrict

Prakash
on 1/2/15, 4:16 AM
4

Prakash

--Prakash--
3173
| 5 4 7
Bikaner, India
--Prakash--

OpenERP Devloper at SunARC Technology

Prakash
On 10/7/14, 8:12 AM

In  Odoo version 8 Select database / Manage Databases view using the below URL:-

http://localhost:8069/web/database/selector

Note: Default Port No 8069. change Url based on your port no configuration.

EDIT:

GitHub Source Code  https://github.com/prakashsukraj/Odoo-DBRestrict

I just finished a new module "web_dbrestrict" that Database Manager page restrict redirect to password page.

__openerp__.py

{
    'name': 'Web DB Restrict',
    'category': 'Hidden',
    'version': '1.0',
    'description': """
OpenERP Web core module.
========================
This module provides Database Manager page restrict redirect to password page.
        """,
    'depends': ['web'],
    'data': [     
        'views/web_dbrestrict.xml',        
    ],
    'installable': True,
    'application': True,
}

views/web_dbrestrict.xml

 

<?xml version="1.0" encoding="utf-8"?>
<openerp>
    <data>

    <template id="dbmanager_password" name="DB Password">
            <t t-call="web.login_layout">            
                <form  class="oe_login_form"  role="form" action="/web/dbmanager_password" method="post">
                    <div class="form-group field-password">
                        <label for="password" class="control-label">Password</label>
                        <input type="password" name="password" id="password" class="form-control" required="required" t-att-autofocus="'autofocus' if login else None"/>
                    </div>
                    <p class="alert alert-danger" t-if="error">
                        <t t-esc="error"/>
                    </p>
                    <p class="alert alert-success" t-if="message">
                        <t t-esc="message"/>
                    </p>
                    <div class="clearfix oe_login_buttons">
                        <button type="submit" class="btn btn-primary">Log in</button>
                    </div>
                </form>
            </t>
        </template>

    </data>
</openerp>

web_dbrestrict/controllers/main.py

import jinja2
import os
import simplejson
import sys
import openerp
import openerp.modules.registry
from openerp.tools import topological_sort
from openerp import http
from openerp.http import request, serialize_exception as _serialize_exception

if hasattr(sys, 'frozen'):
    # When running on compiled windows binary, we don't have access to package loader.
    path = os.path.realpath(os.path.join(os.path.dirname(__file__), '..', 'views'))
    loader = jinja2.FileSystemLoader(path)
else:
    loader = jinja2.PackageLoader('openerp.addons.web', "views")

env = jinja2.Environment(loader=loader, autoescape=True)
env.filters["json"] = simplejson.dumps

db_monodb = http.db_monodb

def module_installed_bypass_session(dbname):
    loadable = http.addons_manifest.keys()
    modules = {}
    try:
        registry = openerp.modules.registry.RegistryManager.get(dbname)
        with registry.cursor() as cr:
            m = registry.get('ir.module.module')
            # TODO The following code should move to ir.module.module.list_installed_modules()
            domain = [('state','=','installed'), ('name','in', loadable)]
            ids = m.search(cr, 1, [('state','=','installed'), ('name','in', loadable)])
            for module in m.read(cr, 1, ids, ['name', 'dependencies_id']):
                modules[module['name']] = []
                deps = module.get('dependencies_id')
                if deps:
                    deps_read = registry.get('ir.module.module.dependency').read(cr, 1, deps, ['name'])
                    dependencies = [i['name'] for i in deps_read]
                    modules[module['name']] = dependencies
    except Exception,e:
        pass
    sorted_modules = topological_sort(modules)
    return sorted_modules
    
def module_boot(db=None):
    server_wide_modules = openerp.conf.server_wide_modules or ['web']
    serverside = []
    dbside = []
    for i in server_wide_modules:
        if i in http.addons_manifest:
            serverside.append(i)
    monodb = db or db_monodb()
    if monodb:
        dbside = module_installed_bypass_session(monodb)
        dbside = [i for i in dbside if i not in serverside]
    addons = serverside + dbside
    return addons
 # In the above code Import and method copy and paste from the web/main.py file  
class Database_Password(openerp.addons.web.controllers.main.Database):

    @http.route('/web/database/manager', type='http', auth="none")
    def manager(self, **kw):
        request.session.logout()
        return http.local_redirect('/web/password')

    @http.route('/web/password', type='http', auth='public', website=True)
    def pasword(self, redirect=None, **post):    
        return request.render('web_dbrestrict.dbmanager_password', {'url_root': request.httprequest.url_root})
                
    @http.route('/web/dbmanager_password', type='http', auth='public', website=True)
    def dbmanager_password(self, cert_type=None, **post):
        password = request.params['password']    
        if password == 'Your_Password': #user enter password matched redirect to DBManager page
            return env.get_template("database_manager.html").render({
                'modules': simplejson.dumps(module_boot()),
            })    
        else:
            values = request.params.copy()        
            values['error'] = "Wrong password"                
            return request.render('web_dbrestrict.dbmanager_password', values)        
        
  web_dbrestrict/views

  copy and paste the "database_manager.html" File from the location web/views to  web_dbrestrict/views

 

@Prakash, Do you have a github repository for this module? I would like to fork it for my own use if possible. I think github would be the best way as other people who would also like to use your module can see changes against their fork if you make updates to your module. Please let me know if you have any plans to add this to a github repository. If you do not plan to add this to a github repository or your own I would like to ask your permission before adding this module to my own repo here: http://github.com/lukebranch if this is the case please provide me with details I can add to the __openerp__.py file to provide credit to you as the author.

Luke Branch
on 11/6/14, 10:46 PM

@Luke: Just update the module in github https://github.com/prakashsukraj/Odoo-DBRestrict

Prakash
on 11/7/14, 2:03 AM

@Prakash, Thank you!

Luke Branch
on 11/7/14, 2:06 AM
1

Luke Branch

--Luke Branch--
1531
| 6 7 8
Mui Wo, Lantau, Hong Kong
--Luke Branch--

...

Luke Branch
On 10/7/14, 9:01 PM

In order to restrict access to  /web/database/selector and /web/database/manager I have setup nginx as a frontend proxy in front of Odoo's webserver and applied the following rules to the /sites-enabled/examplewebsite.com (add inside server {}):

location ~ ^ /web/database(manager|selector) { 
                      allow 1.2.3.4;
                      deny all;
}

simply replace 1.2.3.4 with an ip (preferably fixed ip) of your choice. I have replaced it with an ip address inside my internal LAN. This will provide anyone who is not trying to access that URL from that IP address a 403 Forbidden error from nginx.

In order to setup Nginx as a frontend proxy for Odoo I have used the following steps on Debian 7.6:

1) sudo apt-get install nginx
2) sudo pico -w /etc/nginx/sites-enabled/examplewebsite.com
3) paste the following and replace examplewebsite.com with your domain, and 1.2.3.4 with the fixed IP address you would like to access your /web/database/manager and /web/database/selector links from:

server {
           
          listen 80;
          server_name  www.examplewebsite.com examplewebsite.com;
          charset utf-8;
                                                                                                                                                                     
          access_log  /var/log/nginx/prolv-access.log;                         

          error_log   /var/log/nginx/prolv-error.log;  

  location ~ ^/web/database/(manager|selector) {
                allow 1.2.3.4;
                deny all;
  }

                location / {
                    proxy_pass         http://127.0.0.1:8072/;
                    proxy_redirect     off;

                    proxy_set_header   Host             $host;
                    proxy_set_header   X-Real-IP        $remote_addr;
                    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
                    proxy_set_header   X-OpenERP-dbfilter prolv;

                    client_max_body_size       200m;

                #    proxy_connect_timeout      90;
                #    proxy_send_timeout         90;
                #    proxy_read_timeout         90;

                    proxy_buffer_size          128k;
                    proxy_buffers              16 64k;
                #    proxy_busy_buffers_size    64k;
                #    proxy_temp_file_write_size 64k;
                }

                # Static files location
                #location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
                #    root   /spool/www/members_ng;
                #}

               

 


}


Credit to Viktor for his basic Nginx config for Odoo 8.0 here
http://www.prolv.net/forum/help-1/question/nginix-setup-for-odoo-6

and NixCraft for their explanation of Nginx Access rules here:
http://www.cyberciti.biz/faq/nginx-block-url-access-all-except-one-ip-address/


Although this is by no means a complete or production ready configuration it has at least helped me to achieve restricting access to those URL's to a specific IP. I will be rolling a more complete nginx configuration into my Odoo 8.0 install script (forked and modified from Andre Schenkel's here - https://github.com/lukebranch/openerp-install-scripts/blob/master/odoo-saas4/ubuntu-14-04/odoo_install.sh).

There are probably better ways to do this and I welcome any comments on how this might be better implemented.

0
iouhammi
On 5/13/15, 7:59 AM

@Prakash, Thanks for your solution (db-restrict module). It's working fine for one database, but when I create a new one, then I try to access database manager, I get a 404 error when I'm redirected to /web/password..

Please, if there is any update ? Thanks.

I think, if db-restrict module installed in all the database then the 404 error will not shows.

Prakash
on 5/13/15, 8:07 AM

I rechecked it, it's installed in all databases (also, I set auto_install to true, so it was installed automatically). But the problem still persisting.. Also, I can access to Database Manager from /web/manager/selector without password! But when I dropped the new database (only one kept) It worked fine.. I recreate new one, the problem reoccur !

iouhammi
on 5/13/15, 8:25 AM
0
Mega Fridayanti
On 5/2/15, 8:23 AM

Dear everyone :)

i am a new user for Odoo :)

have anybody installed Odoo version 9.0 ?

I have installed it, but i didn't find button for restore my database :(

the page just filled with blank page and "Odoo" text

what should I do ?


thanks before,

Mega

0
PY
On 2/6/15, 4:11 AM

If you're using Apache, you could do something like this:

<Location /web/database>
    Order deny,allow
    Deny from all
    Allow from 1.2.3.4
</Location>

in your site configuration file.

This way, only the IP 1.2.3.4 can access the /web/database path. And the /web/database/manager uses this path, so...

0

Maniganda

--Maniganda--
1038
| 5 7 7
Bangalore, India
--Maniganda--
Maniganda
On 10/8/14, 3:38 AM

Here is whole explanation of removing manage databases, https://accounts.openerp.com/forum/Help-1/question/2615

-1
Bruno JOLIVEAU
On 10/7/14, 4:09 PM

What do you expect exactly ?

Why don't you change masterpassword for admin ?

The user will be able to reach this page but won't be able manipulate.

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

15 follower(s)

Stats

Asked: 7/11/14, 2:44 AM
Seen: 14636 times
Last updated: 4/7/16, 9:25 PM