Merge PR #873 into 19.0

Signed-off-by thomaspaulb

Author: OCA-git-bot

auth_api_key/README.rst

@@ -0,0 +1,140 @@
+.. image:: https://odoo-community.org/readme-banner-image
+   :target: https://odoo-community.org/get-involved?utm_source=readme
+   :alt: Odoo Community Association
+
+============
+Auth Api Key
+============
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:78e3946b0dbb81bb6fbf6c434aaf5214faec00449a765c2f41e321b65024ba05
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Production/Stable
+.. |badge2| image:: https://img.shields.io/badge/license-LGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
+    :alt: License: LGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/19.0/auth_api_key
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-19-0/server-auth-19-0-auth_api_key
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=19.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+Authenticate http requests from an API key.
+
+API keys are codes passed in (in the http header API-KEY) by programs
+calling an API in order to identify -in this case- the calling program's
+user.
+
+Take care while using this kind of mechanism since information into http
+headers are visible in clear. Thus, use it only to authenticate requests
+from known sources.
+
+For unknown sources, it is a good practice to filter out this header at
+proxy level.
+
+Odoo allows users to authenticate ``XMLRPC/JSONRPC`` calls using their
+API key instead of a password by native API keys (``res.users.apikey``).
+However, ``auth_api_key`` has some special features of its own such as:
+
+-  API keys remain usable even when the user is inactive, if enabled via
+   settings (e.g., for system users in a shopinvader case).
+-  Supports dual authentication via Basic Auth and API_KEY in separate
+   HTTP headers.
+-  Admins can manage API keys for all users
+
+Given these advantages, particularly in use case like system user
+authentication, we have decided to keep the ``auth_api_key`` module
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Configuration
+=============
+
+The api key menu is available into Settings > Technical in debug mode.
+By default, when you create an API key, the key is saved into the
+database.
+
+If you want to manage them via serve environment settings use
+auth_api_key_server_env.
+
+Usage
+=====
+
+To apply this authentication system to your http request you must set
+'api_key' as value for the 'auth' parameter of your route definition
+into your controller.
+
+.. code:: python
+
+   class MyController(Controller):
+
+       @route('/my_service', auth='api_key', ...)
+       def my_service(self, *args, **kwargs):
+           pass
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_api_key%0Aversion:%2019.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* ACSONE SA/NV
+
+Contributors
+------------
+
+-  Denis Robinet <denis.robinet@acsone.eu>
+-  Laurent Mignon <laurent.mignon@acsone.eu>
+-  Quentin Groulard <quentin.groulard@acsone.eu>
+-  Sébastien Beau <sebastien.beau@akretion.com>
+-  Chafique Delli <chafique.delli@akretion.com>
+-  Thien Vo Hong <thienvh@trobz.com>
+
+Other credits
+-------------
+
+The migration of this module from 17.0 to 18.0 was financially supported
+by Camptocamp.
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/19.0/auth_api_key>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

auth_api_key/__init__.py

@@ -0,0 +1 @@
+from . import models

auth_api_key/__manifest__.py

@@ -0,0 +1,19 @@
+# Copyright 2018 ACSONE SA/NV
+# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
+
+{
+    "name": "Auth Api Key",
+    "summary": """
+        Authenticate http requests from an API key""",
+    "version": "19.0.1.0.1",
+    "license": "LGPL-3",
+    "author": "ACSONE SA/NV,Odoo Community Association (OCA)",
+    "website": "https://github.com/OCA/server-auth",
+    "development_status": "Production/Stable",
+    "depends": ["base_setup"],
+    "data": [
+        "security/ir.model.access.csv",
+        "views/auth_api_key.xml",
+        "views/res_config_settings.xml",
+    ],
+}

auth_api_key/i18n/auth_api_key.pot

@@ -0,0 +1,140 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* auth_api_key
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 18.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: auth_api_key
+#: model:ir.model,name:auth_api_key.model_auth_api_key
+msgid "API Key"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__active
+msgid "Active"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.constraint,message:auth_api_key.constraint_auth_api_key_name_uniq
+msgid "Api Key name must be unique."
+msgstr ""
+
+#. module: auth_api_key
+#: model_terms:ir.ui.view,arch_db:auth_api_key.auth_api_key_form_view
+msgid "Archived"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.actions.act_window,name:auth_api_key.auth_api_key_act_window
+#: model:ir.ui.menu,name:auth_api_key.auth_api_key_menu
+msgid "Auth Api Key"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model,name:auth_api_key.model_res_company
+msgid "Companies"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model,name:auth_api_key.model_res_config_settings
+msgid "Config Settings"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__create_uid
+msgid "Created by"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__create_date
+msgid "Created on"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_res_company__archived_user_disable_auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_res_config_settings__archived_user_disable_auth_api_key
+msgid "Disable API key for archived user"
+msgstr ""
+
+#. module: auth_api_key
+#: model_terms:ir.ui.view,arch_db:auth_api_key.res_config_settings_view_form
+msgid "Disable API key when archiving user"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__display_name
+msgid "Display Name"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model,name:auth_api_key.model_ir_http
+msgid "HTTP Routing"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__id
+msgid "ID"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,help:auth_api_key.field_res_company__archived_user_disable_auth_api_key
+#: model:ir.model.fields,help:auth_api_key.field_res_config_settings__archived_user_disable_auth_api_key
+msgid ""
+"If checked, when a user is archived/unactivated the same change is "
+"propagated to his related api key. It is not retroactive (nothing is done  "
+"when enabling/disabling this option)."
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__key
+msgid "Key"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__write_uid
+msgid "Last Updated by"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__write_date
+msgid "Last Updated on"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__name
+msgid "Name"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,help:auth_api_key.field_auth_api_key__key
+msgid ""
+"The API key. Enter a dummy value in this field if it is\n"
+"        obtained from the server environment configuration."
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,help:auth_api_key.field_auth_api_key__user_id
+msgid ""
+"The user used to process the requests authenticated by\n"
+"        the api key"
+msgstr ""
+
+#. module: auth_api_key
+#: model:ir.model.fields,field_description:auth_api_key.field_auth_api_key__user_id
+msgid "User"
+msgstr ""
+
+#. module: auth_api_key
+#. odoo-python
+#: code:addons/auth_api_key/models/auth_api_key.py:0
+msgid "User is not allowed"
+msgstr ""