odoo.exceptions.AccessError: Due to security restrictions, you are not allowed to access 'Job Position' (hr.job) records. Contact your administrator to request access if necessary.
get
def get(self, record, field, default=NOTHING):
""" Return the value of ``field`` for ``record``. """
try:
field_cache = self._get_field_cache(record, field)
return field_cache[record._ids[0]]
except KeyError:
if default is NOTHING:
raise CacheMiss(record, field)
return default
__get__
if self.compute and self.store:
# process pending computations
self.recompute(record)
try:
value = env.cache.get(record, self)
except KeyError:
# behavior in case of cache miss:
#
# on a real record:
get
try:
field_cache = self._get_field_cache(record, field)
return field_cache[record._ids[0]]
except KeyError:
if default is NOTHING:
raise CacheMiss(record, field)
return default
def set(self, record, field, value):
""" Set the value of ``field`` for ``record``. """
field_cache = self._set_field_cache(record, field)
__get__
#
if self.store and record.id:
# real record: fetch from database
recs = record._in_cache_without(self)
try:
recs._fetch_field(self)
except AccessError:
record._fetch_field(self)
if not env.cache.contains(record, self):
raise MissingError("\n".join([
_("Record does not exist or has been deleted."),
_fetch_field
if field.name not in fnames:
fnames.append(field.name)
self = self - self.env.records_to_compute(field)
else:
fnames = [field.name]
self._read(fnames)
def _read(self, fields):
""" Read the given fields of the records in ``self`` from the database,
and store them in cache. Access errors are also stored in cache.
Skip fields that are not stored.
_read
missing._ids, extras._ids,
))
# mark non-existing records in missing
forbidden = missing.exists()
if forbidden:
raise self.env['ir.rule']._make_access_error('read', forbidden)
def get_metadata(self):
"""Return some metadata about the given records.
:return: list of ownership dictionaries for each requested record
application
# FIXME: is checking for the presence of HTTP_X_FORWARDED_HOST really useful?
# we're ignoring the user configuration, and that means we won't
# support the standardised Forwarded header once werkzeug supports
# it
if config['proxy_mode'] and 'HTTP_X_FORWARDED_HOST' in environ:
return ProxyFix(application_unproxied)(environ, start_response)
else:
return application_unproxied(environ, start_response)
__call__
self.x_prefix, environ_get("HTTP_X_FORWARDED_PREFIX")
)
if x_prefix:
environ["SCRIPT_NAME"] = x_prefix
return self.app(environ, start_response)
application_unproxied
if hasattr(threading.current_thread(), 'dbname'):
del threading.current_thread().dbname
if hasattr(threading.current_thread(), 'url'):
del threading.current_thread().url
result = odoo.http.root(environ, start_response)
if result is not None:
return result
# We never returned from the loop.
return werkzeug.exceptions.NotFound("No handler found.\n")(environ, start_response)
__call__
""" Handle a WSGI request
"""
if not self._loaded:
self._loaded = True
self.load_addons()
return self.dispatch(environ, start_response)
def load_addons(self):
""" Load all addons from addons path containing static files and
controllers and configure them. """
# TODO should we move this to ir.http so that only configured modules are served ?
__call__
new_headers.append(('Cache-Control', cache_control_value))
start_response(status, new_headers)
else:
start_response(status, headers)
return self.app(environ, start_wrapped)
class Root(object):
"""Root WSGI application for the OpenERP Web Client.
"""
def __init__(self):
__call__
if file_loader is not None:
break
if file_loader is None or not self.is_allowed(real_filename):
return self.app(environ, start_response)
guessed_type = mimetypes.guess_type(real_filename)
mime_type = get_content_type(guessed_type[0] or self.fallback_mimetype, "utf-8")
f, mtime, file_size = file_loader()
dispatch
raise
else:
# If requesting /web this will loop
result = _dispatch_nodb()
else:
result = ir_http._dispatch()
else:
result = _dispatch_nodb()
response = self.get_response(httprequest, result, explicit_session)
return response(environ, start_response)
_dispatch
@classmethod
def _dispatch(cls):
affiliate_id = request.httprequest.args.get('affiliate_id')
if affiliate_id:
request.session['affiliate_id'] = int(affiliate_id)
return super(IrHttp, cls)._dispatch()
_dispatch
reg = registry(request.session.db)
with reg.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
request.website_routing = env['website'].get_current_website().id
response = super(Http, cls)._dispatch()
if not is_rerouting:
cls._register_website_track(response)
return response
_dispatch
if 'auth_signup_token' in request.params:
request.session['auth_signup_token'] = request.params['auth_signup_token']
if 'auth_login' in request.params:
request.session['auth_login'] = request.params['auth_login']
return super(Http, cls)._dispatch()
_dispatch
if 'edit_translations' in request.httprequest.args and 'edit_translations' not in context:
context['edit_translations'] = True
if context.get('edit_translations') and 'translatable' not in context:
context['translatable'] = True
request.context = context
return super(IrHttp, cls)._dispatch()
@classmethod
def _get_translation_frontend_modules_name(cls):
mods = super(IrHttp, cls)._get_translation_frontend_modules_name()
return mods + ['web_editor']
_dispatch
response.set_cookie(cook, request.params[var], domain=domain)
return response
@classmethod
def _dispatch(cls):
response = super(IrHttp, cls)._dispatch()
return cls._set_utm(response)
@classmethod
def _handle_exception(cls, exc):
response = super(IrHttp, cls)._handle_exception(exc)
_dispatch
if routing_error:
return cls._handle_exception(routing_error)
# removed cache for auth public
result = super(IrHttp, cls)._dispatch()
cook_lang = request.httprequest.cookies.get('frontend_lang')
if request.is_frontend and cook_lang != request.lang._get_cached('code') and hasattr(result, 'set_cookie'):
result.set_cookie('frontend_lang', request.lang._get_cached('code'))
_dispatch
try:
auth_method = cls._authenticate(func)
except Exception as e:
return cls._handle_exception(e)
processing = cls._postprocess_args(arguments, rule)
if processing:
return processing
# set and execute handler
try:
_postprocess_args
return False
@classmethod
def _postprocess_args(cls, arguments, rule):
processing = super()._postprocess_args(arguments, rule)
if processing:
return processing
for record in arguments.values():
if isinstance(record, models.BaseModel) and hasattr(record, 'can_access_from_current_website'):
_postprocess_args
_, path = rule.build(arguments)
assert path is not None
except odoo.exceptions.MissingError:
return cls._handle_exception(werkzeug.exceptions.NotFound())
except Exception as e:
return cls._handle_exception(e)
if getattr(request, 'is_frontend_multilang', False) and request.httprequest.method in ('GET', 'HEAD'):
generated_path = werkzeug.urls.url_unquote_plus(path)
current_path = werkzeug.urls.url_unquote_plus(request.httprequest.path)
if generated_path != current_path:
_handle_exception
response = super(IrHttp, cls)._dispatch()
return cls._set_utm(response)
@classmethod
def _handle_exception(cls, exc):
response = super(IrHttp, cls)._handle_exception(exc)
return cls._set_utm(response)
_handle_exception
else:
# if parent excplicitely returns a plain response, then we don't touch it
return response
except Exception as e:
if 'werkzeug' in config['dev_mode']:
raise e
exception = e
code, values = cls._get_exception_code_values(exception)
if code is None:
_handle_exception
is_frontend_request = bool(getattr(request, 'is_frontend', False))
if not is_frontend_request:
# Don't touch non frontend requests exception handling
return super(IrHttp, cls)._handle_exception(exception)
try:
response = super(IrHttp, cls)._handle_exception(exception)
if isinstance(response, Exception):
exception = response
else:
# if parent excplicitely returns a plain response, then we don't touch it
_handle_exception
# "The Response is expressed as a single JSON Object, with the following members:
# jsonrpc, result, error, id"
if ('werkzeug' in tools.config['dev_mode']
and not isinstance(exception, werkzeug.exceptions.NotFound)
and request._request_type != 'json'):
raise exception
try:
return request._handle_exception(exception)
except AccessDenied:
return werkzeug.exceptions.Forbidden()
_postprocess_args
@classmethod
def _postprocess_args(cls, arguments, rule):
super(IrHttp, cls)._postprocess_args(arguments, rule)
try:
_, path = rule.build(arguments)
assert path is not None
except odoo.exceptions.MissingError:
return cls._handle_exception(werkzeug.exceptions.NotFound())
except Exception as e:
return cls._handle_exception(e)
build
:internal:
"""
try:
if append_unknown:
return self._build_unknown(**values)
else:
return self._build(**values)
except ValidationError:
return None
<builder:'/jobs/apply/<model("hr.job"):job>'>
to_url
class ModelConverter(ir_http.ModelConverter):
def to_url(self, value):
if value.env.context.get('slug_matching'):
return value.env.context.get('_converter_value', str(value.id))
return super().to_url(value)
def generate(self, uid, dom=None, args=None):
Model = request.env[self.model].with_user(uid)
# Allow to current_website_id directly in route domain
args.update(current_website_id=request.env['website'].get_current_website().id)
to_url
super(ModelConverter, self).__init__(url_map, model)
self.domain = domain
self.regex = _UNSLUG_RE.pattern
def to_url(self, value):
return slug(value)
def to_python(self, value):
matching = re.match(self.regex, value)
_uid = RequestUID(value=value, match=matching, converter=self)
record_id = int(matching.group(2))
slug
def slug(value):
if isinstance(value, models.BaseModel):
if not value.id:
raise ValueError("Cannot slug non-existent record %s" % value)
# [(id, name)] = value.name_get()
identifier, name = value.id, getattr(value, 'seo_name', False) or value.display_name
else:
# assume name_search result tuple
identifier, name = value
slugname = slugify(name or '').strip().strip('-')
if not slugname:
__get__
# real record: fetch from database
recs = record._in_cache_without(self)
try:
recs._fetch_field(self)
except AccessError:
record._fetch_field(self)
if not env.cache.contains(record, self):
raise MissingError("\n".join([
_("Record does not exist or has been deleted."),
_("(Record: %s, User: %s)") % (record, env.uid),
]))
_fetch_field
if field.name not in fnames:
fnames.append(field.name)
self = self - self.env.records_to_compute(field)
else:
fnames = [field.name]
self._read(fnames)
def _read(self, fields):
""" Read the given fields of the records in ``self`` from the database,
and store them in cache. Access errors are also stored in cache.
Skip fields that are not stored.
_read
missing._ids, extras._ids,
))
# mark non-existing records in missing
forbidden = missing.exists()
if forbidden:
raise self.env['ir.rule']._make_access_error('read', forbidden)
def get_metadata(self):
"""Return some metadata about the given records.
:return: list of ownership dictionaries for each requested record
odoo.exceptions.AccessError: Due to security restrictions, you are not allowed to access 'Job Position' (hr.job) records. Contact your administrator to request access if necessary.
The console is locked and needs to be unlocked by entering the PIN. You can find the PIN printed out on the standard output of your shell that runs the server.