[MIG] auth_saml_create_user: Migration to 18.0

Author: tm-smile

auth_saml_create_user/README.rst

@@ -10,9 +10,9 @@ Auth SAML Create User
    !! source digest: sha256:99e8fd5583907518e2d4a0ef800c952bf67fe884007baa8365c037da4ffa55b0
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
-.. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
     :target: https://odoo-community.org/page/development-status
-    :alt: Production/Stable
+    :alt: Beta
 .. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
@@ -61,17 +61,28 @@ Authors
 -------
 
 * Savoir-faire Linux
+* Smile
 
 Contributors
 ------------
 
 - Luis Garcia(luis.garcia@savoirfairelinux.com)
+
 - Jerome Oufella(jerome.oufella@savoirfairelinux.com)
+
 - Rim Ben Dhaou <rim.bendhaou@savoirfairelinux.com>
+
 - Larbi Gharib <larbi.gharib@savoirfairelinux.com>
+
 - Pierre Gault <pierre.gault@savoirfairelinux.com>
+
 - William Beverly <william.beverly@savoirfairelinux.com>
 
+- [SMILE] (https://smile.eu/en):
+
+  - Martin Deconinck <martin.deconinck@smile.fr>
+  - Théo Martin <theo.martin@smile.fr>
+
 Other credits
 -------------
 

auth_saml_create_user/__manifest__.py

@@ -6,16 +6,22 @@
     "summary": """
         This module extends the functionality of Auth SAML to support
         the automatic creation of SAML users when they don't exist in odoo.""",
-    "author": "Savoir-faire Linux, Odoo Community Association (OCA)",
+    "version": "18.0.1.0.0",
+    "category": "Tools",
+    "sequence": 20,
+    "author": "Savoir-faire Linux, Odoo Community Association (OCA), Smile",
     "maintainers": ["eilst"],
     "website": "https://github.com/OCA/server-auth",
     "license": "AGPL-3",
-    "category": "Tools",
-    "version": "11.0.1.0.1",
-    "depends": ["auth_saml"],
+    "depends": [
+        "auth_saml",
+    ],
     "data": [
-        "data/auth_saml_create_user.xml",
         "views/auth_saml.xml",
     ],
-    "development_status": "Production/Stable",
+    "demo": [],
+    "test": [],
+    "auto_install": False,
+    "installable": True,
+    "application": False,
 }

auth_saml_create_user/data/auth_saml_create_user.xml

@@ -1,5 +1,5 @@
 # © 2018 Savoir-faire Linux
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-from . import auth_saml
+from . import auth_saml_provider
 from . import res_users

auth_saml_create_user/models/__init__.py

@@ -8,5 +8,5 @@ class AuthSamlProvider(models.Model):
     _inherit = "auth.saml.provider"
 
     create_user = fields.Boolean(
-        string="Create User",
+        default=True,
     )

auth_saml_create_user/models/auth_saml.py …create_user/models/auth_saml_provider.pyauth_saml_create_user/models/auth_saml.py renamed to auth_saml_create_user/models/auth_saml_provider.py auth_saml_create_user/models/auth_saml.py renamed to auth_saml_create_user/models/auth_saml_provider.py

@@ -4,7 +4,10 @@
 import logging
 import random
 
-from odoo import api, models
+from odoo import models
+from odoo.tools import safe_eval
+
+from odoo.addons.auth_saml.models.ir_config_parameter import ALLOW_SAML_UID_AND_PASSWORD
 
 _logger = logging.getLogger(__name__)
 s = "abcdefghijklmnopqrstuvwxyz034567890ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()?"
@@ -14,29 +17,38 @@
 class ResUsers(models.Model):
     _inherit = "res.users"
 
-    @api.multi
-    def _auth_saml_signin(self, provider, validation, saml_response):
-        saml_uid = validation["user_id"]
-        user_ids = self.search(
-            [("saml_uid", "=", saml_uid), ("saml_provider_id", "=", provider)]
-        )
-        if self.check_if_create_user(provider) and not user_ids:
-            self.create_user(saml_uid, provider)
-        return super()._auth_saml_signin(provider, validation, saml_response)
-
     def check_if_create_user(self, provider):
         return self.env["auth.saml.provider"].browse(provider).create_user
 
     def create_user(self, saml_uid, provider):
-        _logger.debug('Creating new Odoo user "%s" from SAML' % saml_uid)
+        _logger.debug(f"Creating new Odoo user {saml_uid} from SAML")
         SudoUser = self.env["res.users"].sudo()
-        new_user = SudoUser.create(
-            {
-                "name": saml_uid,
-                "login": saml_uid,
-                "saml_provider_id": provider,
-                "password": "".join(random.sample(s, passlen)),
-                "company_id": self.env["res.company"].sudo().browse(1).id,
-            }
+        values = {
+            "name": saml_uid,
+            "login": saml_uid,
+            "saml_ids": [
+                (0, 0, {"saml_provider_id": provider, "saml_uid": saml_uid}),
+            ],
+            "company_id": self.env["res.company"].sudo().browse(1).id,
+        }
+        allow_saml_password = (
+            self.env["ir.config_parameter"]
+            .sudo()
+            .get_param(ALLOW_SAML_UID_AND_PASSWORD, "False")
+        )
+        if safe_eval.safe_eval(allow_saml_password):
+            values["password"] = "".join(random.sample(s, passlen))
+        res = SudoUser.create(values)
+        return res
+
+    def _auth_saml_signin(self, provider: int, validation: dict, saml_response) -> str:
+        """
+        Overload to auto create a new user if configured to allow it.
+        """
+        saml_uid = validation["user_id"]
+        user_ids = self.env["res.users.saml"].search(
+            [("saml_uid", "=", saml_uid), ("saml_provider_id", "=", provider)]
         )
-        new_user.write({"saml_uid": saml_uid})
+        if self.check_if_create_user(provider) and not user_ids:
+            self.create_user(saml_uid, provider)
+        return super()._auth_saml_signin(provider, validation, saml_response)

auth_saml_create_user/models/res_users.py

@@ -4,3 +4,7 @@
 - Larbi Gharib \<larbi.gharib@savoirfairelinux.com\>
 - Pierre Gault \<pierre.gault@savoirfairelinux.com\>
 - William Beverly \<william.beverly@savoirfairelinux.com\>
+
+- [SMILE] (https://smile.eu/en):
+  - Martin Deconinck \<martin.deconinck@smile.fr\>
+  - Théo Martin \<theo.martin@smile.fr\>

auth_saml_create_user/readme/CONTRIBUTORS.md

@@ -369,7 +369,7 @@ <h1 class="title">Auth SAML Create User</h1>
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! source digest: sha256:99e8fd5583907518e2d4a0ef800c952bf67fe884007baa8365c037da4ffa55b0
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Production/Stable" src="https://img.shields.io/badge/maturity-Production%2FStable-green.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/18.0/auth_saml_create_user"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-18-0/server-auth-18-0-auth_saml_create_user"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/18.0/auth_saml_create_user"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-18-0/server-auth-18-0-auth_saml_create_user"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module extends the functionality of Auth SAML to support the
 automatic creation of SAML users when they don’t exist in odoo.</p>
 <p><strong>Table of contents</strong></p>
@@ -408,6 +408,7 @@ <h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
 <h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
 <ul class="simple">
 <li>Savoir-faire Linux</li>
+<li>Smile</li>
 </ul>
 </div>
 <div class="section" id="contributors">
@@ -419,6 +420,11 @@ <h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
 <li>Larbi Gharib &lt;<a class="reference external" href="mailto:larbi.gharib&#64;savoirfairelinux.com">larbi.gharib&#64;savoirfairelinux.com</a>&gt;</li>
 <li>Pierre Gault &lt;<a class="reference external" href="mailto:pierre.gault&#64;savoirfairelinux.com">pierre.gault&#64;savoirfairelinux.com</a>&gt;</li>
 <li>William Beverly &lt;<a class="reference external" href="mailto:william.beverly&#64;savoirfairelinux.com">william.beverly&#64;savoirfairelinux.com</a>&gt;</li>
+<li>[SMILE] (<a class="reference external" href="https://smile.eu/en">https://smile.eu/en</a>):<ul>
+<li>Martin Deconinck &lt;<a class="reference external" href="mailto:martin.deconinck&#64;smile.fr">martin.deconinck&#64;smile.fr</a>&gt;</li>
+<li>Théo Martin &lt;<a class="reference external" href="mailto:theo.martin&#64;smile.fr">theo.martin&#64;smile.fr</a>&gt;</li>
+</ul>
+</li>
 </ul>
 </div>
 <div class="section" id="other-credits">

auth_saml_create_user/security/ir.model.access.csv

@@ -1,5 +1,4 @@
 # © 2019 Savoir-faire Linux
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-from . import common
-from . import test_auth_saml_create_users
+from . import test_auth_saml_provider