odoo.exceptions.AccessError: ('La operación solicitada no puede completarse debido a restricciones de seguridad. Por favor contacte a su administrador.\n\n(Tipo de documento: "Plantilla de producto" (product.template), Operación: read)', None)
application
# FIXME: is checking for the presence of HTTP_X_FORWARDED_HOST really useful?
# we're ignoring the user configuration, and that means we won't
# support the standardised Forwarded header once werkzeug supports
# it
if config['proxy_mode'] and 'HTTP_X_FORWARDED_HOST' in environ:
return ProxyFix(application_unproxied)(environ, start_response)
else:
return application_unproxied(environ, start_response)
__call__
environ['REMOTE_ADDR'] = remote_addr
if forwarded_host:
environ['HTTP_HOST'] = forwarded_host
if forwarded_proto:
environ['wsgi.url_scheme'] = forwarded_proto
return self.app(environ, start_response)
class HeaderRewriterFix(object):
"""This middleware can remove response headers and add others. This
application_unproxied
del threading.current_thread().dbname
if hasattr(threading.current_thread(), 'url'):
del threading.current_thread().url
with odoo.api.Environment.manage():
result = odoo.http.root(environ, start_response)
if result is not None:
return result
# We never returned from the loop.
return werkzeug.exceptions.NotFound("No handler found.\n")(environ, start_response)
__call__
""" Handle a WSGI request
"""
if not self._loaded:
self._loaded = True
self.load_addons()
return self.dispatch(environ, start_response)
def load_addons(self):
""" Load all addons from addons path containing static files and
controllers and configure them. """
# TODO should we move this to ir.http so that only configured modules are served ?
__call__
new_headers.append((k, v))
start_response(status, new_headers)
else:
start_response(status, headers)
return self.app(environ, start_wrapped)
class Root(object):
"""Root WSGI application for the OpenERP Web Client.
"""
def __init__(self):
__call__
if path.startswith(search_path):
real_filename, file_loader = loader(path[len(search_path):])
if file_loader is not None:
break
if file_loader is None or not self.is_allowed(real_filename):
return self.app(environ, start_response)
guessed_type = mimetypes.guess_type(real_filename)
mime_type = guessed_type[0] or self.fallback_mimetype
f, mtime, file_size = file_loader()
dispatch
raise
else:
# If requesting /web this will loop
result = _dispatch_nodb()
else:
result = ir_http._dispatch()
else:
result = _dispatch_nodb()
response = self.get_response(httprequest, result, explicit_session)
return response(environ, start_response)
_dispatch
@classmethod
def _dispatch(cls):
affiliate_id = request.httprequest.args.get('affiliate_id')
if affiliate_id:
request.session['affiliate_id'] = int(affiliate_id)
return super(IrHttp, cls)._dispatch()
_dispatch
reg = registry(request.session.db)
with reg.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
request.website_routing = env['website'].get_current_website().id
response = super(Http, cls)._dispatch()
if not is_rerouting:
cls._register_website_track(response)
return response
_dispatch
if 'auth_signup_token' in request.params:
request.session['auth_signup_token'] = request.params['auth_signup_token']
if 'auth_login' in request.params:
request.session['auth_login'] = request.params['auth_login']
return super(Http, cls)._dispatch()
_dispatch
if 'edit_translations' in request.httprequest.args and 'edit_translations' not in context:
context['edit_translations'] = True
if context.get('edit_translations') and 'translatable' not in context:
context['translatable'] = True
request.context = context
return super(IrHttp, cls)._dispatch()
@classmethod
def _get_translation_frontend_modules_name(cls):
mods = super(IrHttp, cls)._get_translation_frontend_modules_name()
return mods + ['web_editor']
_dispatch
response.set_cookie(cook, request.params[var], domain=domain)
return response
@classmethod
def _dispatch(cls):
response = super(IrHttp, cls)._dispatch()
return cls._set_utm(response)
@classmethod
def _handle_exception(cls, exc):
response = super(IrHttp, cls)._handle_exception(exc)
_dispatch
if routing_error:
return cls._handle_exception(routing_error)
# removed cache for auth public
result = super(IrHttp, cls)._dispatch()
cook_lang = request.httprequest.cookies.get('frontend_lang')
if request.is_frontend and cook_lang != request.lang.code and hasattr(result, 'set_cookie'):
result.set_cookie('frontend_lang', request.lang.code)
_dispatch
try:
auth_method = cls._authenticate(func.routing["auth"])
except Exception as e:
return cls._handle_exception(e)
processing = cls._postprocess_args(arguments, rule)
if processing:
return processing
# set and execute handler
try:
_postprocess_args
_, path = rule.build(arguments)
assert path is not None
except odoo.exceptions.MissingError:
return cls._handle_exception(werkzeug.exceptions.NotFound())
except Exception as e:
return cls._handle_exception(e)
if getattr(request, 'is_frontend_multilang', False) and request.httprequest.method in ('GET', 'HEAD'):
generated_path = werkzeug.url_unquote_plus(path)
current_path = werkzeug.url_unquote_plus(request.httprequest.path)
if generated_path != current_path:
_handle_exception
response = super(IrHttp, cls)._dispatch()
return cls._set_utm(response)
@classmethod
def _handle_exception(cls, exc):
response = super(IrHttp, cls)._handle_exception(exc)
return cls._set_utm(response)
_handle_exception
else:
# if parent excplicitely returns a plain response, then we don't touch it
return response
except Exception as e:
if 'werkzeug' in config['dev_mode']:
raise e
exception = e
code, values = cls._get_exception_code_values(exception)
if code is None:
_handle_exception
is_frontend_request = bool(getattr(request, 'is_frontend', False))
if not is_frontend_request:
# Don't touch non frontend requests exception handling
return super(IrHttp, cls)._handle_exception(exception)
try:
response = super(IrHttp, cls)._handle_exception(exception)
if isinstance(response, Exception):
exception = response
else:
# if parent excplicitely returns a plain response, then we don't touch it
_handle_exception
# "The Response is expressed as a single JSON Object, with the following members:
# jsonrpc, result, error, id"
if ('werkzeug' in tools.config['dev_mode']
and not isinstance(exception, werkzeug.exceptions.NotFound)
and request._request_type != 'json'):
raise exception
try:
return request._handle_exception(exception)
except AccessDenied:
return werkzeug.exceptions.Forbidden()
_postprocess_args
@classmethod
def _postprocess_args(cls, arguments, rule):
super(IrHttp, cls)._postprocess_args(arguments, rule)
try:
_, path = rule.build(arguments)
assert path is not None
except odoo.exceptions.MissingError:
return cls._handle_exception(werkzeug.exceptions.NotFound())
except Exception as e:
return cls._handle_exception(e)
build
add = tmp.append
processed = set(self.arguments)
for is_dynamic, data in self._trace:
if is_dynamic:
try:
add(self._converters[data].to_url(values[data]))
except ValidationError:
return
processed.add(data)
else:
add(url_quote(to_bytes(data, self.map.charset), safe='/:|+'))
to_url
super(ModelConverter, self).__init__(url_map, model)
self.domain = domain
self.regex = _UNSLUG_RE.pattern
def to_url(self, value):
return slug(value)
def to_python(self, value):
matching = re.match(self.regex, value)
_uid = RequestUID(value=value, match=matching, converter=self)
record_id = int(matching.group(2))
slug
def slug(value):
if isinstance(value, models.BaseModel):
if not value.id:
raise ValueError("Cannot slug non-existent record %s" % value)
# [(id, name)] = value.name_get()
identifier, name = value.id, value.display_name
else:
# assume name_search result tuple
identifier, name = value
slugname = slugify(name or '').strip().strip('-')
if not slugname:
__get__
else:
recs = record if self.recursive else record._in_cache_without(self)
try:
self.compute_value(recs)
except (AccessError, MissingError):
self.compute_value(record)
value = env.cache.get(record, self)
elif (not record.id) and record._origin:
value = self.convert_to_cache(record._origin[self.name], record)
env.cache.set(record, self, value)
compute_value
for field in fields:
env.remove_to_compute(field, records)
try:
with records.env.protecting(fields, records):
records._compute_field_value(self)
except Exception:
for field in fields:
env.add_to_compute(field, records)
raise
_compute_field_value
def _compute_field_value(self, field):
# This is for base automation, to have something to override to catch
# the changes of values for stored compute fields.
if isinstance(field.compute, str):
getattr(self, field.compute)()
else:
field.compute(self)
if field.store and any(self._ids):
# check constraints of the fields that have been computed
_compute_display_name
However some models might override this method. For them, the behavior
might differ, and it is important to select which of `display_name` or
`name_get()[0][1]` to call depending on the desired result.
"""
names = dict(self.name_get())
for record in self:
record.display_name = names.get(record.id, False)
def name_get(self):
""" name_get() -> [(id, name), ...]
name_get
default['name'] = _("%s (copy)") % self.name
return super(ProductTemplate, self).copy(default=default)
def name_get(self):
# Prefetch the fields used by the `name_get`, so `browse` doesn't fetch other fields
self.browse(self.ids).read(['name', 'default_code'])
return [(template.id, '%s%s' % (template.default_code and '[%s] ' % template.default_code or '', template.name))
for template in self]
@api.model
def _name_search(self, name, args=None, operator='ilike', limit=100, name_get_uid=None):
read
# optimization: prefetch direct field dependencies
for dotname in field.depends:
f = self._fields[dotname.split('.')[0]]
if f.prefetch and (not f.groups or self.user_has_groups(f.groups)):
stored_fields.add(f.name)
self._read(stored_fields)
# retrieve results from records; this takes values from the cache and
# computes remaining fields
data = [(record, {'id': record._ids[0]}) for record in self]
use_name_get = (load == '_classic_read')
_read
missing._ids, extras._ids,
))
# mark non-existing records in missing
forbidden = missing.exists()
if forbidden:
raise self.env['ir.rule']._make_access_error('read', forbidden)
def get_metadata(self):
"""Return some metadata about the given records.
:return: list of ownership dictionaries for each requested record
odoo.exceptions.AccessError: ('La operación solicitada no puede completarse debido a restricciones de seguridad. Por favor contacte a su administrador.\n\n(Tipo de documento: "Plantilla de producto" (product.template), Operación: read)', None)
The console is locked and needs to be unlocked by entering the PIN. You can find the PIN printed out on the standard output of your shell that runs the server.