Odoo Help

6
5
Avatar

Prakash

--Prakash--

3488
| 5 5 7
Bikaner, India
--Prakash--

OpenERP Developer at SunARC Technology

Prakash
On 10/7/14, 8:12 AM

In  Odoo version 8 Select database / Manage Databases view using the below URL:-

http://localhost:8069/web/database/selector

Note: Default Port No 8069. change Url based on your port no configuration.

EDIT:

GitHub Source Code  https://github.com/prakashsukraj/Odoo-DBRestrict

I just finished a new module "web_dbrestrict" that Database Manager page restrict redirect to password page.

__openerp__.py

{
    'name': 'Web DB Restrict',
    'category': 'Hidden',
    'version': '1.0',
    'description': """
OpenERP Web core module.
========================
This module provides Database Manager page restrict redirect to password page.
        """,
    'depends': ['web'],
    'data': [     
        'views/web_dbrestrict.xml',        
    ],
    'installable': True,
    'application': True,
}

views/web_dbrestrict.xml

 

<?xml version="1.0" encoding="utf-8"?>
<openerp>
    <data>

    <template id="dbmanager_password" name="DB Password">
            <t t-call="web.login_layout">            
                <form  class="oe_login_form"  role="form" action="/web/dbmanager_password" method="post">
                    <div class="form-group field-password">
                        <label for="password" class="control-label">Password</label>
                        <input type="password" name="password" id="password" class="form-control" required="required" t-att-autofocus="'autofocus' if login else None"/>
                    </div>
                    <p class="alert alert-danger" t-if="error">
                        <t t-esc="error"/>
                    </p>
                    <p class="alert alert-success" t-if="message">
                        <t t-esc="message"/>
                    </p>
                    <div class="clearfix oe_login_buttons">
                        <button type="submit" class="btn btn-primary">Log in</button>
                    </div>
                </form>
            </t>
        </template>

    </data>
</openerp>

web_dbrestrict/controllers/main.py

import jinja2
import os
import simplejson
import sys
import openerp
import openerp.modules.registry
from openerp.tools import topological_sort
from openerp import http
from openerp.http import request, serialize_exception as _serialize_exception

if hasattr(sys, 'frozen'):
    # When running on compiled windows binary, we don't have access to package loader.
    path = os.path.realpath(os.path.join(os.path.dirname(__file__), '..', 'views'))
    loader = jinja2.FileSystemLoader(path)
else:
    loader = jinja2.PackageLoader('openerp.addons.web', "views")

env = jinja2.Environment(loader=loader, autoescape=True)
env.filters["json"] = simplejson.dumps

db_monodb = http.db_monodb

def module_installed_bypass_session(dbname):
    loadable = http.addons_manifest.keys()
    modules = {}
    try:
        registry = openerp.modules.registry.RegistryManager.get(dbname)
        with registry.cursor() as cr:
            m = registry.get('ir.module.module')
            # TODO The following code should move to ir.module.module.list_installed_modules()
            domain = [('state','=','installed'), ('name','in', loadable)]
            ids = m.search(cr, 1, [('state','=','installed'), ('name','in', loadable)])
            for module in m.read(cr, 1, ids, ['name', 'dependencies_id']):
                modules[module['name']] = []
                deps = module.get('dependencies_id')
                if deps:
                    deps_read = registry.get('ir.module.module.dependency').read(cr, 1, deps, ['name'])
                    dependencies = [i['name'] for i in deps_read]
                    modules[module['name']] = dependencies
    except Exception,e:
        pass
    sorted_modules = topological_sort(modules)
    return sorted_modules
    
def module_boot(db=None):
    server_wide_modules = openerp.conf.server_wide_modules or ['web']
    serverside = []
    dbside = []
    for i in server_wide_modules:
        if i in http.addons_manifest:
            serverside.append(i)
    monodb = db or db_monodb()
    if monodb:
        dbside = module_installed_bypass_session(monodb)
        dbside = [i for i in dbside if i not in serverside]
    addons = serverside + dbside
    return addons
 # In the above code Import and method copy and paste from the web/main.py file  
class Database_Password(openerp.addons.web.controllers.main.Database):

    @http.route('/web/database/manager', type='http', auth="none")
    def manager(self, **kw):
        request.session.logout()
        return http.local_redirect('/web/password')

    @http.route('/web/password', type='http', auth='public', website=True)
    def pasword(self, redirect=None, **post):    
        return request.render('web_dbrestrict.dbmanager_password', {'url_root': request.httprequest.url_root})
                
    @http.route('/web/dbmanager_password', type='http', auth='public', website=True)
    def dbmanager_password(self, cert_type=None, **post):
        password = request.params['password']    
        if password == 'Your_Password': #user enter password matched redirect to DBManager page
            return env.get_template("database_manager.html").render({
                'modules': simplejson.dumps(module_boot()),
            })    
        else:
            values = request.params.copy()        
            values['error'] = "Wrong password"                
            return request.render('web_dbrestrict.dbmanager_password', values)        
        
  web_dbrestrict/views

  copy and paste the "database_manager.html" File from the location web/views to  web_dbrestrict/views

 

@Prakash, Do you have a github repository for this module? I would like to fork it for my own use if possible. I think github would be the best way as other people who would also like to use your module can see changes against their fork if you make updates to your module. Please let me know if you have any plans to add this to a github repository. If you do not plan to add this to a github repository or your own I would like to ask your permission before adding this module to my own repo here: http://github.com/lukebranch if this is the case please provide me with details I can add to the __openerp__.py file to provide credit to you as the author.

Luke Branch
on 11/6/14, 10:46 PM

@Luke: Just update the module in github https://github.com/prakashsukraj/Odoo-DBRestrict

Prakash
on 11/7/14, 2:03 AM

@Prakash, Thank you!

Luke Branch
on 11/7/14, 2:06 AM
1
Avatar

Luke Branch

--Luke Branch--
1599
| 7 8 8
Mui Wo, Lantau, Hong Kong
--Luke Branch--

...

Luke Branch
On 10/7/14, 9:01 PM

In order to restrict access to  /web/database/selector and /web/database/manager I have setup nginx as a frontend proxy in front of Odoo's webserver and applied the following rules to the /sites-enabled/examplewebsite.com (add inside server {}):

location ~ ^ /web/database(manager|selector) { 
                      allow 1.2.3.4;
                      deny all;
}

simply replace 1.2.3.4 with an ip (preferably fixed ip) of your choice. I have replaced it with an ip address inside my internal LAN. This will provide anyone who is not trying to access that URL from that IP address a 403 Forbidden error from nginx.

In order to setup Nginx as a frontend proxy for Odoo I have used the following steps on Debian 7.6:

1) sudo apt-get install nginx
2) sudo pico -w /etc/nginx/sites-enabled/examplewebsite.com
3) paste the following and replace examplewebsite.com with your domain, and 1.2.3.4 with the fixed IP address you would like to access your /web/database/manager and /web/database/selector links from:

server {
           
          listen 80;
          server_name  www.examplewebsite.com examplewebsite.com;
          charset utf-8;
                                                                                                                                                                     
          access_log  /var/log/nginx/prolv-access.log;                         

          error_log   /var/log/nginx/prolv-error.log;  

  location ~ ^/web/database/(manager|selector) {
                allow 1.2.3.4;
                deny all;
  }

                location / {
                    proxy_pass         http://127.0.0.1:8072/;
                    proxy_redirect     off;

                    proxy_set_header   Host             $host;
                    proxy_set_header   X-Real-IP        $remote_addr;
                    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
                    proxy_set_header   X-OpenERP-dbfilter prolv;

                    client_max_body_size       200m;

                #    proxy_connect_timeout      90;
                #    proxy_send_timeout         90;
                #    proxy_read_timeout         90;

                    proxy_buffer_size          128k;
                    proxy_buffers              16 64k;
                #    proxy_busy_buffers_size    64k;
                #    proxy_temp_file_write_size 64k;
                }

                # Static files location
                #location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
                #    root   /spool/www/members_ng;
                #}

               

 


}


Credit to Viktor for his basic Nginx config for Odoo 8.0 here
http://www.prolv.net/forum/help-1/question/nginix-setup-for-odoo-6

and NixCraft for their explanation of Nginx Access rules here:
http://www.cyberciti.biz/faq/nginx-block-url-access-all-except-one-ip-address/


Although this is by no means a complete or production ready configuration it has at least helped me to achieve restricting access to those URL's to a specific IP. I will be rolling a more complete nginx configuration into my Odoo 8.0 install script (forked and modified from Andre Schenkel's here - https://github.com/lukebranch/openerp-install-scripts/blob/master/odoo-saas4/ubuntu-14-04/odoo_install.sh).

There are probably better ways to do this and I welcome any comments on how this might be better implemented.

0
iouhammi
On 5/13/15, 7:59 AM

@Prakash, Thanks for your solution (db-restrict module). It's working fine for one database, but when I create a new one, then I try to access database manager, I get a 404 error when I'm redirected to /web/password..

Please, if there is any update ? Thanks.

I think, if db-restrict module installed in all the database then the 404 error will not shows.

Prakash
on 5/13/15, 8:07 AM

I rechecked it, it's installed in all databases (also, I set auto_install to true, so it was installed automatically). But the problem still persisting.. Also, I can access to Database Manager from /web/manager/selector without password! But when I dropped the new database (only one kept) It worked fine.. I recreate new one, the problem reoccur !

iouhammi
on 5/13/15, 8:25 AM
0
PY
On 2/6/15, 4:11 AM

If you're using Apache, you could do something like this:

<Location /web/database>
    Order deny,allow
    Deny from all
    Allow from 1.2.3.4
</Location>

in your site configuration file.

This way, only the IP 1.2.3.4 can access the /web/database path. And the /web/database/manager uses this path, so...

0
Avatar

Maniganda

--Maniganda--

1100
| 6 8 7
Bangalore, India
--Maniganda--
Maniganda
On 10/8/14, 3:38 AM

Here is whole explanation of removing manage databases, https://accounts.openerp.com/forum/Help-1/question/2615

-1
Mega Fridayanti
On 5/2/15, 8:23 AM

Dear everyone :)

i am a new user for Odoo :)

have anybody installed Odoo version 9.0 ?

I have installed it, but i didn't find button for restore my database :(

the page just filled with blank page and "Odoo" text

what should I do ?


thanks before,

Mega

-1
Bruno JOLIVEAU
On 10/7/14, 4:09 PM

What do you expect exactly ?

Why don't you change masterpassword for admin ?

The user will be able to reach this page but won't be able manipulate.

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now

Question tools

15 follower(s)

Stats

Asked: 7/11/14, 2:44 AM
Seen: 26685 times
Last updated: 4/7/16, 9:25 PM