In Odoo version 8 Select database / Manage Databases view using the below URL:-
http://localhost:8069/web/database/selector
Note: Default Port No 8069. change Url based on your port no configuration.
EDIT:
GitHub Source Code https://github.com/prakashsukraj/Odoo-DBRestrict
I just finished a new module "web_dbrestrict" that Database Manager page restrict redirect to password page.
__openerp__.py
{
'name': 'Web DB Restrict',
'category': 'Hidden',
'version': '1.0',
'description': """
OpenERP Web core module.
========================
This module provides Database Manager page restrict redirect to password page.
""",
'depends': ['web'],
'data': [
'views/web_dbrestrict.xml',
],
'installable': True,
'application': True,
}
views/web_dbrestrict.xml
<?xml version="1.0" encoding="utf-8"?>
<openerp>
<data>
<template id="dbmanager_password" name="DB Password">
<t t-call="web.login_layout">
<form class="oe_login_form" role="form" action="/web/dbmanager_password" method="post">
<div class="form-group field-password">
<label for="password" class="control-label">Password</label>
<input type="password" name="password" id="password" class="form-control" required="required" t-att-autofocus="'autofocus' if login else None"/>
</div>
<p class="alert alert-danger" t-if="error">
<t t-esc="error"/>
</p>
<p class="alert alert-success" t-if="message">
<t t-esc="message"/>
</p>
<div class="clearfix oe_login_buttons">
<button type="submit" class="btn btn-primary">Log in</button>
</div>
</form>
</t>
</template>
</data>
</openerp>
web_dbrestrict/controllers/main.py
import jinja2
import os
import simplejson
import sys
import openerp
import openerp.modules.registry
from openerp.tools import topological_sort
from openerp import http
from openerp.http import request, serialize_exception as _serialize_exception
if hasattr(sys, 'frozen'):
# When running on compiled windows binary, we don't have access to package loader.
path = os.path.realpath(os.path.join(os.path.dirname(__file__), '..', 'views'))
loader = jinja2.FileSystemLoader(path)
else:
loader = jinja2.PackageLoader('openerp.addons.web', "views")
env = jinja2.Environment(loader=loader, autoescape=True)
env.filters["json"] = simplejson.dumps
db_monodb = http.db_monodb
def module_installed_bypass_session(dbname):
loadable = http.addons_manifest.keys()
modules = {}
try:
registry = openerp.modules.registry.RegistryManager.get(dbname)
with registry.cursor() as cr:
m = registry.get('ir.module.module')
# TODO The following code should move to ir.module.module.list_installed_modules()
domain = [('state','=','installed'), ('name','in', loadable)]
ids = m.search(cr, 1, [('state','=','installed'), ('name','in', loadable)])
for module in m.read(cr, 1, ids, ['name', 'dependencies_id']):
modules[module['name']] = []
deps = module.get('dependencies_id')
if deps:
deps_read = registry.get('ir.module.module.dependency').read(cr, 1, deps, ['name'])
dependencies = [i['name'] for i in deps_read]
modules[module['name']] = dependencies
except Exception,e:
pass
sorted_modules = topological_sort(modules)
return sorted_modules
def module_boot(db=None):
server_wide_modules = openerp.conf.server_wide_modules or ['web']
serverside = []
dbside = []
for i in server_wide_modules:
if i in http.addons_manifest:
serverside.append(i)
monodb = db or db_monodb()
if monodb:
dbside = module_installed_bypass_session(monodb)
dbside = [i for i in dbside if i not in serverside]
addons = serverside + dbside
return addons
# In the above code Import and method copy and paste from the web/main.py file
class Database_Password(openerp.addons.web.controllers.main.Database):
@http.route('/web/database/manager', type='http', auth="none")
def manager(self, **kw):
request.session.logout()
return http.local_redirect('/web/password')
@http.route('/web/password', type='http', auth='public', website=True)
def pasword(self, redirect=None, **post):
return request.render('web_dbrestrict.dbmanager_password', {'url_root': request.httprequest.url_root})
@http.route('/web/dbmanager_password', type='http', auth='public', website=True)
def dbmanager_password(self, cert_type=None, **post):
password = request.params['password']
if password == 'Your_Password': #user enter password matched redirect to DBManager page
return env.get_template("database_manager.html").render({
'modules': simplejson.dumps(module_boot()),
})
else:
values = request.params.copy()
values['error'] = "Wrong password"
return request.render('web_dbrestrict.dbmanager_password', values)
web_dbrestrict/views
copy and paste the "database_manager.html" File from the location web/views to web_dbrestrict/views
OR Another Solution is:
In order to restrict access to /web/database/selector and /web/database/manager I have setup nginx as a frontend proxy in front of Odoo's webserver and applied the following rules to the /sites-enabled/examplewebsite.com (add inside server {}):
location ~ ^ /web/database(manager|selector) {
allow 1.2.3.4;
deny all;
}
simply replace 1.2.3.4 with an ip (preferably fixed ip) of your choice. I have replaced it with an ip address inside my internal LAN. This will provide anyone who is not trying to access that URL from that IP address a 403 Forbidden error from nginx.
In order to setup Nginx as a frontend proxy for Odoo I have used the following steps on Debian 7.6:
1) sudo apt-get install nginx
2) sudo pico -w /etc/nginx/sites-enabled/examplewebsite.com
3) paste the following and replace examplewebsite.com with your domain, and 1.2.3.4 with the fixed IP address you would like to access your /web/database/manager and /web/database/selector links from:
server {
listen 80;
server_name www.examplewebsite.com examplewebsite.com;
charset utf-8;
access_log /var/log/nginx/prolv-access.log;
error_log /var/log/nginx/prolv-error.log;
location ~ ^/web/database/(manager|selector) {
allow 1.2.3.4;
deny all;
}
location / {
proxy_pass http://127.0.0.1:8072/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-OpenERP-dbfilter prolv;
client_max_body_size 200m;
# proxy_connect_timeout 90;
# proxy_send_timeout 90;
# proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 16 64k;
# proxy_busy_buffers_size 64k;
# proxy_temp_file_write_size 64k;
}
# Static files location
#location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
# root /spool/www/members_ng;
#}
}
Credit to Viktor for his basic Nginx config for Odoo 8.0 here
http://www.prolv.net/forum/help-1/question/nginix-setup-for-odoo-6
and NixCraft for their explanation of Nginx Access rules here:
http://www.cyberciti.biz/faq/nginx-block-url-access-all-except-one-ip-address/
Although this is by no means a complete or production ready configuration it has at least helped me to achieve restricting access to those URL's to a specific IP. I will be rolling a more complete nginx configuration into my Odoo 8.0 install script (forked and modified from Andre Schenkel's here - https://github.com/lukebranch/openerp-install-scripts/blob/master/odoo-saas4/ubuntu-14-04/odoo_install.sh).
There are probably better ways to do this and I welcome any comments on how this might be better implemented.
OR for APACHE Web Server:
If you're using Apache, you could do something like this:
<Location /web/database>
Order deny,allow
Deny from all
Allow from 1.2.3.4
</Location>
in your site configuration file.
This way, only the IP 1.2.3.4 can access the /web/database path. And the /web/database/manager uses this path, so...
Your answer
Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!
Keep Informed
About This Forum
This forum is for HiTechnologia Employees & just Odoo general knowledge purpose only.
Read GuidelinesQuestion tools
Stats
| Asked: 7/24/15, 10:56 AM |
| Seen: 12149 times |
| Last updated: 7/24/15, 11:01 AM |