[REF] create a new module sql_request_abstract
Sylvain LE GAL
parent
21a9b84dc1
commit
59bbdc9889
|
|
@ -12,16 +12,21 @@ A new menu named Export is created.
|
|||
Known issues / Roadmap
|
||||
======================
|
||||
|
||||
Some words are prohibeted and can't be used is the query in anyways, even in a select query :
|
||||
* Some words are prohibeted and can't be used is the query in anyways, even in a select query :
|
||||
* delete
|
||||
* drop
|
||||
* insert
|
||||
* alter
|
||||
* truncate
|
||||
* execute
|
||||
* create
|
||||
* update
|
||||
|
||||
* delete
|
||||
* drop
|
||||
* insert
|
||||
* alter
|
||||
* truncate
|
||||
* execute
|
||||
* create
|
||||
* update
|
||||
See sql_request_abstract module to fix this issue.
|
||||
|
||||
* checking SQL request by execution and rollback is disabled in this module
|
||||
since variables features has been introduced. This can be fixed by
|
||||
overloading _prepare_request_check_execution() function.
|
||||
|
||||
|
||||
Bug Tracker
|
||||
|
|
|
|||
|
|
@ -19,21 +19,25 @@
|
|||
#
|
||||
##############################################################################
|
||||
|
||||
{'name': 'SQL Export',
|
||||
'version': '9.0.1.0.0',
|
||||
'author': 'Akretion,Odoo Community Association (OCA)',
|
||||
'website': 'http://www.akretion.com',
|
||||
'license': 'AGPL-3',
|
||||
'category': 'Generic Modules/Others',
|
||||
'summary': 'Export data in csv file with SQL requests',
|
||||
'depends': ['base',
|
||||
],
|
||||
'data': [
|
||||
'views/sql_export_view.xml',
|
||||
'wizard/wizard_file_view.xml',
|
||||
'security/sql_export_security.xml',
|
||||
'security/ir.model.access.csv',
|
||||
],
|
||||
'installable': True,
|
||||
'images': [],
|
||||
}
|
||||
{
|
||||
'name': 'SQL Export',
|
||||
'version': '9.0.1.0.0',
|
||||
'author': 'Akretion,Odoo Community Association (OCA)',
|
||||
'website': 'http://www.akretion.com',
|
||||
'license': 'AGPL-3',
|
||||
'category': 'Generic Modules/Others',
|
||||
'summary': 'Export data in csv file with SQL requests',
|
||||
'depends': [
|
||||
'sql_request_abstract',
|
||||
],
|
||||
'data': [
|
||||
'views/sql_export_view.xml',
|
||||
'wizard/wizard_file_view.xml',
|
||||
'security/sql_export_security.xml',
|
||||
'security/ir.model.access.csv',
|
||||
],
|
||||
'demo': [
|
||||
'demo/sql_export.xml',
|
||||
],
|
||||
'installable': True,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,17 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
Copyright (C) 2017 - Today: GRAP (http://www.grap.coop)
|
||||
@author Sylvain LE GAL (https://twitter.com/legalsylvain)
|
||||
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
|
||||
-->
|
||||
|
||||
<openerp><data>
|
||||
|
||||
<record id="sql_export_partner" model="sql.export">
|
||||
<field name="name">Export Partners (Demo Data)</field>
|
||||
<field name="query">SELECT name, street FROM res_partner;</field>
|
||||
</record>
|
||||
|
||||
<function model="sql.export" name="button_clean_check_request" eval="([ref('sql_export.sql_export_partner')])"/>
|
||||
|
||||
</data></openerp>
|
||||
|
|
@ -6,8 +6,8 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: Odoo Server 8.0\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2016-02-05 13:10+0000\n"
|
||||
"PO-Revision-Date: 2016-02-05 13:10+0000\n"
|
||||
"POT-Creation-Date: 2017-02-27 12:18+0000\n"
|
||||
"PO-Revision-Date: 2017-02-27 12:18+0000\n"
|
||||
"Last-Translator: <>\n"
|
||||
"Language-Team: \n"
|
||||
"MIME-Version: 1.0\n"
|
||||
|
|
@ -21,6 +21,7 @@ msgid "Allow the user to save the file with sql request's data"
|
|||
msgstr "Permet à l'utilisateur de sauvegarder le fichier contenant les données de la requête SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: field:sql.export,group_ids:0
|
||||
msgid "Allowed Groups"
|
||||
msgstr "Groupes Autorisés"
|
||||
|
|
@ -31,15 +32,20 @@ msgstr "Groupes Autorisés"
|
|||
msgid "Allowed Users"
|
||||
msgstr "Utilisateurs Autorisés"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Cancel"
|
||||
msgstr "Annuler"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Allowed Users Groups"
|
||||
msgstr "Groupes d'utilisateurs Autorisés"
|
||||
msgid "Clean and Check Request"
|
||||
msgstr "Corriger et vérifier la requête"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,copy_options:0
|
||||
msgid "Copy Options"
|
||||
msgstr "Copy Options"
|
||||
msgstr "Options de copie"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,create_uid:0
|
||||
|
|
@ -58,10 +64,32 @@ msgstr "Créé le"
|
|||
msgid "Csv File"
|
||||
msgstr "Fichier CSV"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,display_name:0
|
||||
#: field:sql.file.wizard,display_name:0
|
||||
msgid "Display Name"
|
||||
msgstr "Nom affiché"
|
||||
|
||||
#. module: sql_export
|
||||
#: selection:sql.export,state:0
|
||||
msgid "Draft"
|
||||
msgstr "En brouillon"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: view:sql.export:sql_export.sql_export_view_tree
|
||||
msgid "Execute Query"
|
||||
msgstr "Exécuter"
|
||||
msgstr "Execute la requête"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Export"
|
||||
msgstr "Exporter"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Export file"
|
||||
msgstr "Fichier d'export"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.file.wizard,binary_file:0
|
||||
|
|
@ -71,7 +99,7 @@ msgstr "Fichier"
|
|||
#. module: sql_export
|
||||
#: field:sql.file.wizard,file_name:0
|
||||
msgid "File Name"
|
||||
msgstr "Nom du fichier"
|
||||
msgstr "Nom de fichier"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,id:0
|
||||
|
|
@ -79,39 +107,78 @@ msgstr "Nom du fichier"
|
|||
msgid "ID"
|
||||
msgstr "ID"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,__last_update:0
|
||||
#: field:sql.file.wizard,__last_update:0
|
||||
msgid "Last Modified on"
|
||||
msgstr "Dernière modification le"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,write_uid:0
|
||||
#: field:sql.file.wizard,write_uid:0
|
||||
msgid "Last Updated by"
|
||||
msgstr "Last Updated by"
|
||||
msgstr "Dernière mise à jour par"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,write_date:0
|
||||
#: field:sql.file.wizard,write_date:0
|
||||
msgid "Last Updated on"
|
||||
msgstr "Last Updated on"
|
||||
msgstr "Dernière mise à jour le"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,name:0
|
||||
msgid "Name"
|
||||
msgstr "Nom"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: field:sql.export,field_ids:0
|
||||
msgid "Parameters"
|
||||
msgstr "Paramètres"
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,query:0
|
||||
msgid "Query"
|
||||
msgstr "Requête"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Request Name"
|
||||
msgstr "Nom de la requête"
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
|
||||
#: view:sql.export:sql_export.sql_export_view_tree
|
||||
msgid "SQL Export"
|
||||
msgstr "SQL Export"
|
||||
msgstr "Export SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.actions.act_window,name:sql_export.sql_parameter_tree_action
|
||||
#: view:ir.model.fields:sql_export.sql_parameter_view_tree
|
||||
msgid "SQL Parameter"
|
||||
msgstr "Paramètre SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "SQL Request"
|
||||
msgstr "Requête SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: selection:sql.export,state:0
|
||||
msgid "SQL Valid"
|
||||
msgstr "SQL Validé"
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.model,name:sql_export.model_sql_export
|
||||
#: view:ir.model.fields:sql_export.sql_parameter_view_form
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "SQL export"
|
||||
msgstr "Export SQL"
|
||||
msgstr "export SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Set to Draft"
|
||||
msgstr "Remettre en brouillon"
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.ui.menu,name:sql_export.sql_export_menu
|
||||
|
|
@ -120,23 +187,46 @@ msgid "Sql Export"
|
|||
msgstr "Export SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: model:res.groups,name:sql_export.group_sql_request_editor
|
||||
msgid "Sql Request Editor"
|
||||
msgstr "Edition de Requête SQL"
|
||||
#: model:ir.ui.menu,name:sql_export.sql_parameter_menu_view
|
||||
msgid "Sql Export Variables"
|
||||
msgstr "Variables d'export SQL"
|
||||
|
||||
#. module: sql_export
|
||||
#: code:addons/sql_export/sql_export.py:132
|
||||
#, python-format
|
||||
msgid "The Sql query is not valid."
|
||||
msgstr "La requête SQL n'est pas valide"
|
||||
#: field:sql.file.wizard,sql_export_id:0
|
||||
msgid "Sql export id"
|
||||
msgstr "Sql export id"
|
||||
|
||||
#. module: sql_export
|
||||
#: constraint:sql.export:0
|
||||
msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)"
|
||||
msgstr "La requête que vous voulez faire n'est pas autorisée : actions interdites (delete, drop, insert, alter, truncate, execute, create, update)"
|
||||
#: field:sql.export,state:0
|
||||
msgid "State"
|
||||
msgstr "Etat"
|
||||
|
||||
#. module: sql_export
|
||||
#: help:sql.export,state:0
|
||||
msgid "State of the Request:\n"
|
||||
" * 'Draft': Not tested\n"
|
||||
" * 'SQL Valid': SQL Request has been checked and is valid"
|
||||
msgstr "Etat de la requête:\n"
|
||||
" * 'En brouillon': non testée\n"
|
||||
" * 'SQL Validé': La requête SQL a été vérifiée et est valide"
|
||||
|
||||
#. module: sql_export
|
||||
#: help:sql.export,query:0
|
||||
msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update"
|
||||
msgstr "Vous ne pouvez pas utiliser les mots suivants : delete, drop, create, insert, alter, truncate, execute, update"
|
||||
msgid "You can't use the following words: DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
|
||||
msgstr "Vous ne pouvez pas utiliser les termes suivants : DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "or"
|
||||
msgstr "ou"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "select * from res_partner"
|
||||
msgstr "select * from res_partner"
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "variables_placeholder"
|
||||
msgstr "variables_placeholder"
|
||||
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: Odoo Server 8.0\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2016-02-05 13:10+0000\n"
|
||||
"PO-Revision-Date: 2016-02-05 13:10+0000\n"
|
||||
"POT-Creation-Date: 2017-02-27 12:24+0000\n"
|
||||
"PO-Revision-Date: 2017-02-27 12:24+0000\n"
|
||||
"Last-Translator: <>\n"
|
||||
"Language-Team: \n"
|
||||
"MIME-Version: 1.0\n"
|
||||
|
|
@ -21,6 +21,7 @@ msgid "Allow the user to save the file with sql request's data"
|
|||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: field:sql.export,group_ids:0
|
||||
msgid "Allowed Groups"
|
||||
msgstr ""
|
||||
|
|
@ -31,9 +32,14 @@ msgstr ""
|
|||
msgid "Allowed Users"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Cancel"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Allowed Users Groups"
|
||||
msgid "Clean and Check Request"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
|
|
@ -58,11 +64,33 @@ msgstr ""
|
|||
msgid "Csv File"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,display_name:0
|
||||
#: field:sql.file.wizard,display_name:0
|
||||
msgid "Display Name"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: selection:sql.export,state:0
|
||||
msgid "Draft"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: view:sql.export:sql_export.sql_export_view_tree
|
||||
msgid "Execute Query"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Export"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "Export file"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.file.wizard,binary_file:0
|
||||
msgid "File"
|
||||
|
|
@ -79,6 +107,12 @@ msgstr ""
|
|||
msgid "ID"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,__last_update:0
|
||||
#: field:sql.file.wizard,__last_update:0
|
||||
msgid "Last Modified on"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,write_uid:0
|
||||
#: field:sql.file.wizard,write_uid:0
|
||||
|
|
@ -96,23 +130,56 @@ msgstr ""
|
|||
msgid "Name"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
#: field:sql.export,field_ids:0
|
||||
msgid "Parameters"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: field:sql.export,query:0
|
||||
msgid "Query"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Request Name"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
|
||||
#: view:sql.export:sql_export.sql_export_view_tree
|
||||
msgid "SQL Export"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.actions.act_window,name:sql_export.sql_parameter_tree_action
|
||||
#: view:ir.model.fields:sql_export.sql_parameter_view_tree
|
||||
msgid "SQL Parameter"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "SQL Request"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: selection:sql.export,state:0
|
||||
msgid "SQL Valid"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.model,name:sql_export.model_sql_export
|
||||
#: view:ir.model.fields:sql_export.sql_parameter_view_form
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "SQL export"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "Set to Draft"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: model:ir.ui.menu,name:sql_export.sql_export_menu
|
||||
#: model:ir.ui.menu,name:sql_export.sql_export_menu_view
|
||||
|
|
@ -120,23 +187,44 @@ msgid "Sql Export"
|
|||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: model:res.groups,name:sql_export.group_sql_request_editor
|
||||
msgid "Sql Request Editor"
|
||||
#: model:ir.ui.menu,name:sql_export.sql_parameter_menu_view
|
||||
msgid "Sql Export Variables"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: code:addons/sql_export/sql_export.py:132
|
||||
#, python-format
|
||||
msgid "The Sql query is not valid."
|
||||
#: field:sql.file.wizard,sql_export_id:0
|
||||
msgid "Sql export id"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: constraint:sql.export:0
|
||||
msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)"
|
||||
#: field:sql.export,state:0
|
||||
msgid "State"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: help:sql.export,state:0
|
||||
msgid "State of the Request:\n"
|
||||
" * 'Draft': Not tested\n"
|
||||
" * 'SQL Valid': SQL Request has been checked and is valid"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: help:sql.export,query:0
|
||||
msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update"
|
||||
msgid "You can't use the following words: DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "or"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.export:sql_export.sql_export_view_form
|
||||
msgid "select * from res_partner"
|
||||
msgstr ""
|
||||
|
||||
#. module: sql_export
|
||||
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
|
||||
msgid "variables_placeholder"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
|||
|
|
@ -19,65 +19,24 @@
|
|||
#
|
||||
##############################################################################
|
||||
|
||||
import re
|
||||
from openerp import models, fields, api
|
||||
|
||||
|
||||
class SqlExport(models.Model):
|
||||
_name = "sql.export"
|
||||
_inherit = ['sql.request.mixin']
|
||||
_description = "SQL export"
|
||||
|
||||
PROHIBITED_WORDS = [
|
||||
'delete',
|
||||
'drop',
|
||||
'insert',
|
||||
'alter',
|
||||
'truncate',
|
||||
'execute',
|
||||
'create',
|
||||
'update'
|
||||
]
|
||||
_sql_request_groups_relation = 'groups_sqlquery_rel'
|
||||
|
||||
@api.multi
|
||||
def _check_query_allowed(self):
|
||||
for obj in self:
|
||||
query = obj.query.lower()
|
||||
for word in self.PROHIBITED_WORDS:
|
||||
expr = r'\b%s\b' % word
|
||||
is_not_safe = re.search(expr, query)
|
||||
if is_not_safe:
|
||||
return False
|
||||
return True
|
||||
_sql_request_users_relation = 'users_sqlquery_rel'
|
||||
|
||||
@api.model
|
||||
def _get_editor_group(self):
|
||||
ir_model_obj = self.env['ir.model.data']
|
||||
return [ir_model_obj.xmlid_to_res_id(
|
||||
'sql_export.group_sql_request_editor')]
|
||||
_check_execution_enabled = False
|
||||
|
||||
name = fields.Char('Name', required=True)
|
||||
query = fields.Text(
|
||||
'Query',
|
||||
required=True,
|
||||
help="You can't use the following word : delete, drop, create, "
|
||||
"insert, alter, truncate, execute, update")
|
||||
copy_options = fields.Char(
|
||||
'Copy Options',
|
||||
required=True,
|
||||
string='Copy Options', required=True,
|
||||
default="CSV HEADER DELIMITER ';'")
|
||||
group_ids = fields.Many2many(
|
||||
'res.groups',
|
||||
'groups_sqlquery_rel',
|
||||
'sql_id',
|
||||
'group_id',
|
||||
'Allowed Groups',
|
||||
default=_get_editor_group)
|
||||
user_ids = fields.Many2many(
|
||||
'res.users',
|
||||
'users_sqlquery_rel',
|
||||
'sql_id',
|
||||
'user_id',
|
||||
'Allowed Users')
|
||||
|
||||
field_ids = fields.Many2many(
|
||||
'ir.model.fields',
|
||||
'fields_sqlquery_rel',
|
||||
|
|
@ -85,18 +44,11 @@ class SqlExport(models.Model):
|
|||
'field_id',
|
||||
'Parameters',
|
||||
domain=[('model', '=', 'sql.file.wizard')])
|
||||
valid = fields.Boolean()
|
||||
|
||||
_constraints = [(_check_query_allowed,
|
||||
'The query you want make is not allowed : prohibited '
|
||||
'actions (%s)' % ', '.join(PROHIBITED_WORDS),
|
||||
['query'])]
|
||||
|
||||
@api.multi
|
||||
def export_sql_query(self):
|
||||
self.ensure_one()
|
||||
wiz = self.env['sql.file.wizard'].create({
|
||||
'valid': self.valid,
|
||||
'sql_export_id': self.id})
|
||||
return {
|
||||
'view_type': 'form',
|
||||
|
|
@ -108,31 +60,3 @@ class SqlExport(models.Model):
|
|||
'context': self._context,
|
||||
'nodestroy': True,
|
||||
}
|
||||
|
||||
@api.model
|
||||
def check_query_syntax(self, vals):
|
||||
if vals.get('query', False):
|
||||
vals['query'] = vals['query'].strip()
|
||||
if vals['query'][-1] == ';':
|
||||
vals['query'] = vals['query'][:-1]
|
||||
# Can't test the query because of variables
|
||||
# try:
|
||||
# self.env.cr.execute(vals['query'])
|
||||
# except:
|
||||
# raise exceptions.Warning(
|
||||
# _("The Sql query is not valid."))
|
||||
# finally:
|
||||
# self.env.cr.rollback()
|
||||
return vals
|
||||
|
||||
@api.multi
|
||||
def write(self, vals):
|
||||
vals = self.check_query_syntax(vals)
|
||||
if 'query' in vals:
|
||||
vals['valid'] = False
|
||||
return super(SqlExport, self).write(vals)
|
||||
|
||||
@api.model
|
||||
def create(self, vals):
|
||||
vals = self.check_query_syntax(vals)
|
||||
return super(SqlExport, self).create(vals)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
|
||||
"access_sql_export_all","access_sql_export_all","model_sql_export",,1,0,0,0
|
||||
"access_sql_export_editor","access_sql_export_editor","model_sql_export",group_sql_request_editor,1,1,1,1
|
||||
"access_sql_export_editor","access_sql_export_editor","model_sql_export",sql_request_abstract.group_sql_request_manager,1,1,1,1
|
||||
|
|
|
|||
|
|
|
@ -2,11 +2,6 @@
|
|||
<openerp>
|
||||
<data noupdate="0">
|
||||
|
||||
<record model="res.groups" id="group_sql_request_editor">
|
||||
<field name="name">Sql Request Editor</field>
|
||||
<field name="users" eval="[(4, ref('base.user_root'))]"/>
|
||||
</record>
|
||||
|
||||
<record model="ir.rule" id="sql_export_restric_access_user_or_group">
|
||||
<field name="name" >SQL Export users and groups rules</field>
|
||||
<field name="model_id" ref="model_sql_export"/>
|
||||
|
|
|
|||
|
|
@ -20,35 +20,27 @@
|
|||
##############################################################################
|
||||
import base64
|
||||
from openerp.tests.common import TransactionCase
|
||||
from openerp import exceptions
|
||||
from openerp.exceptions import Warning as UserError
|
||||
|
||||
|
||||
class TestExportSqlQuery(TransactionCase):
|
||||
|
||||
def setUp(self):
|
||||
super(TestExportSqlQuery, self).setUp()
|
||||
query_vals = {
|
||||
'name': 'test',
|
||||
'query': "SELECT name, street FROM res_partner;"
|
||||
}
|
||||
self.sql_model = self.registry('sql.export')
|
||||
self.query_id = self.sql_model.create(
|
||||
self.cr,
|
||||
self.uid,
|
||||
query_vals)
|
||||
self.sql_export_obj = self.env['sql.export']
|
||||
self.wizard_obj = self.env['sql.file.wizard']
|
||||
self.sql_report_demo = self.env.ref('sql_export.sql_export_partner')
|
||||
|
||||
def test_sql_query(self):
|
||||
test = self.sql_model.export_sql_query(
|
||||
self.cr, self.uid, [self.query_id])
|
||||
self.registry('sql.file.wizard').export_sql(
|
||||
self.cr, self.uid, test['res_id'])
|
||||
wizard = self.registry('sql.file.wizard').browse(
|
||||
self.cr, self.uid, test['res_id'])
|
||||
wizard = self.wizard_obj.create({
|
||||
'sql_export_id': self.sql_report_demo.id,
|
||||
})
|
||||
wizard.export_sql()
|
||||
export = base64.b64decode(wizard.binary_file)
|
||||
self.assertEqual(export.split(';')[0], 'name')
|
||||
self.assertTrue(len(export.split(';')) > 6)
|
||||
|
||||
def test_prohibited_queries_creation(self):
|
||||
def test_prohibited_queries(self):
|
||||
prohibited_queries = [
|
||||
"upDaTe res_partner SET name = 'test' WHERE id = 1",
|
||||
"DELETE FROM sql_export WHERE name = 'test';",
|
||||
|
|
@ -60,14 +52,22 @@ class TestExportSqlQuery(TransactionCase):
|
|||
""",
|
||||
]
|
||||
for query in prohibited_queries:
|
||||
with self.assertRaises(exceptions.ValidationError):
|
||||
self.sql_model.create(
|
||||
self.cr, self.uid,
|
||||
{'name': 'test_prohibited',
|
||||
'query': query})
|
||||
ok_query = {
|
||||
'name': 'test ok',
|
||||
'query': "SELECT create_date FROM res_partner"
|
||||
}
|
||||
query_id = self.sql_model.create(self.cr, self.uid, ok_query)
|
||||
self.assertIsNotNone(query_id)
|
||||
with self.assertRaises(UserError):
|
||||
sql_export = self.sql_export_obj.create({
|
||||
'name': 'test_prohibited',
|
||||
'query': query})
|
||||
sql_export.button_clean_check_request()
|
||||
|
||||
def test_authorized_queries(self):
|
||||
authorized_queries = [
|
||||
"SELECT create_date FROM res_partner",
|
||||
]
|
||||
|
||||
for query in authorized_queries:
|
||||
sql_export = self.sql_export_obj.create({
|
||||
'name': 'test_authorized',
|
||||
'query': query})
|
||||
sql_export.button_clean_check_request()
|
||||
self.assertEqual(
|
||||
sql_export.state, 'sql_valid',
|
||||
"%s is a valid request" % (query))
|
||||
|
|
|
|||
|
|
@ -8,26 +8,40 @@
|
|||
<field name="model">sql.export</field>
|
||||
<field name="arch" type="xml">
|
||||
<form string="SQL export">
|
||||
<group col="2">
|
||||
<group colspan="2" col="5">
|
||||
<label for="name" colspan="1"/>
|
||||
<field name="name" colspan="2" nolabel="1"/>
|
||||
<button name="export_sql_query" string="Execute Query" type="object" class="oe_highlight" icon="gtk-execute" colspan="2"/>
|
||||
<label for="query" colspan="1"/>
|
||||
<field name="query" nolabel="1" colspan="4"/>
|
||||
<label for="Copy Options" colspan="1"/>
|
||||
<field name="copy_options" nolabel="1" colspan="4"/>
|
||||
</group>
|
||||
<group groups="sql_export.group_sql_request_editor" string="Parameters">
|
||||
<field name="field_ids" nolabel="1"/>
|
||||
</group>
|
||||
<group colspan="2" col="2" groups="sql_export.group_sql_request_editor">
|
||||
<separator string="Allowed Users" colspan="1"/>
|
||||
<separator string="Allowed Users Groups" colspan="1"/>
|
||||
<sheet>
|
||||
<header>
|
||||
<button name="button_clean_check_request" type="object" states="draft"
|
||||
string="Clean and Check Request" class="oe_highlight"/>
|
||||
<button name="button_set_draft" type="object" states="sql_valid"
|
||||
string="Set to Draft" groups="sql_request_abstract.group_sql_request_manager"/>
|
||||
<button name="export_sql_query" string="Execute Query" states="sql_valid" type="object" class="oe_highlight"
|
||||
icon="gtk-execute"/>
|
||||
<field name="state" widget="statusbar" />
|
||||
</header>
|
||||
<group>
|
||||
<h1>
|
||||
<field name="name" nolabel="1" placeholder="Request Name"/>
|
||||
</h1>
|
||||
</group>
|
||||
<group name="option" groups="sql_request_abstract.group_sql_request_user">
|
||||
<field name="copy_options"/>
|
||||
</group>
|
||||
<group name="request" string="SQL Request" groups="sql_request_abstract.group_sql_request_user">
|
||||
<field name="query" nolabel="1" placeholder="select * from res_partner"/>
|
||||
</group>
|
||||
<group string="Parameters" groups="sql_request_abstract.group_sql_request_user">
|
||||
<field name="field_ids" nolabel="1"/>
|
||||
</group>
|
||||
<group groups="sql_request_abstract.group_sql_request_manager">
|
||||
<group string="Allowed Users">
|
||||
<field name="user_ids" nolabel="1"/>
|
||||
</group>
|
||||
<group string="Allowed Groups">
|
||||
<field name="group_ids" nolabel="1"/>
|
||||
</group>
|
||||
|
||||
</group>
|
||||
</sheet>
|
||||
</form>
|
||||
</field>
|
||||
</record>
|
||||
|
|
@ -36,9 +50,11 @@
|
|||
<field name="name">Sql_export_tree_view</field>
|
||||
<field name="model">sql.export</field>
|
||||
<field name="arch" type="xml">
|
||||
<tree string="SQL Export" colors="red:valid == False">
|
||||
<tree string="SQL Export" colors="blue:state == 'draft'">
|
||||
<field name="name"/>
|
||||
<field name="valid" invisible="1"/>
|
||||
<field name="state"/>
|
||||
<button name="export_sql_query" string="Execute Query" states="sql_valid" type="object"
|
||||
icon="gtk-execute"/>
|
||||
</tree>
|
||||
</field>
|
||||
</record>
|
||||
|
|
@ -84,7 +100,7 @@
|
|||
<field name="domain">[('model','=','sql.file.wizard')]</field>
|
||||
</record>
|
||||
|
||||
<menuitem id="sql_parameter_menu_view" name="Sql Export Variables" parent="sql_export_menu" action="sql_parameter_tree_action" sequence="5"/>
|
||||
<menuitem id="sql_parameter_menu_view" name="Sql Export Variables" parent="sql_export_menu" action="sql_parameter_tree_action" sequence="5" groups="sql_request_abstract.group_sql_request_manager"/>
|
||||
|
||||
|
||||
</data>
|
||||
|
|
|
|||
|
|
@ -18,14 +18,12 @@
|
|||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
##############################################################################
|
||||
from openerp import models, fields, api
|
||||
from openerp.osv.orm import setup_modifiers
|
||||
import StringIO
|
||||
import base64
|
||||
|
||||
import datetime
|
||||
from lxml import etree
|
||||
|
||||
from openerp import models, fields, api, osv
|
||||
from openerp.tools import DEFAULT_SERVER_DATETIME_FORMAT
|
||||
import uuid
|
||||
|
||||
|
||||
class SqlFileWizard(models.TransientModel):
|
||||
|
|
@ -34,7 +32,6 @@ class SqlFileWizard(models.TransientModel):
|
|||
|
||||
binary_file = fields.Binary('File', readonly=True)
|
||||
file_name = fields.Char('File Name', readonly=True)
|
||||
valid = fields.Boolean()
|
||||
sql_export_id = fields.Many2one(comodel_name='sql.export', required=True)
|
||||
|
||||
@api.model
|
||||
|
|
@ -58,7 +55,8 @@ class SqlFileWizard(models.TransientModel):
|
|||
kwargs = {'name': "%s" % field.name}
|
||||
toupdate_fields.append(field.name)
|
||||
view_field = etree.SubElement(group, 'field', **kwargs)
|
||||
setup_modifiers(view_field, self.fields_get(field.name))
|
||||
osv.orm.setup_modifiers(
|
||||
view_field, self.fields_get(field.name))
|
||||
|
||||
res['fields'].update(self.fields_get(toupdate_fields))
|
||||
placeholder = eview.xpath(
|
||||
|
|
@ -72,12 +70,13 @@ class SqlFileWizard(models.TransientModel):
|
|||
def export_sql(self):
|
||||
self.ensure_one()
|
||||
sql_export = self.sql_export_id
|
||||
|
||||
# Manage Params
|
||||
variable_dict = {}
|
||||
today = datetime.datetime.now()
|
||||
today_tz = fields.Datetime.context_timestamp(
|
||||
sql_export, today)
|
||||
date = today_tz.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
|
||||
output = StringIO.StringIO()
|
||||
variable_dict = {}
|
||||
if sql_export.field_ids:
|
||||
for field in sql_export.field_ids:
|
||||
variable_dict[field.name] = self[field.name]
|
||||
|
|
@ -85,25 +84,16 @@ class SqlFileWizard(models.TransientModel):
|
|||
variable_dict['company_id'] = self.env.user.company_id.id
|
||||
if "%(user_id)s" in sql_export.query:
|
||||
variable_dict['user_id'] = self._uid
|
||||
format_query = self.env.cr.mogrify(
|
||||
sql_export.query, variable_dict).decode('utf-8')
|
||||
query = "COPY (" + format_query + ") TO STDOUT WITH " + \
|
||||
sql_export.copy_options
|
||||
name = 'export_query_%s' % uuid.uuid1().hex
|
||||
self.env.cr.execute("SAVEPOINT %s" % name)
|
||||
try:
|
||||
self.env.cr.copy_expert(query, output)
|
||||
output.getvalue()
|
||||
new_output = base64.b64encode(output.getvalue())
|
||||
output.close()
|
||||
finally:
|
||||
self.env.cr.execute("ROLLBACK TO SAVEPOINT %s" % name)
|
||||
|
||||
# Execute Request
|
||||
res = sql_export._execute_sql_request(
|
||||
params=variable_dict, mode='stdout',
|
||||
copy_options=sql_export.copy_options)
|
||||
|
||||
self.write({
|
||||
'binary_file': new_output,
|
||||
'binary_file': res,
|
||||
'file_name': sql_export.name + '_' + date + '.csv'
|
||||
})
|
||||
if not sql_export.valid:
|
||||
sql_export.sudo().valid = True
|
||||
return {
|
||||
'view_type': 'form',
|
||||
'view_mode': 'form',
|
||||
|
|
|
|||
|
|
@ -7,11 +7,9 @@
|
|||
<field name="model">sql.file.wizard</field>
|
||||
<field name="arch" type="xml">
|
||||
<form string="Csv File">
|
||||
<separator string="Warning untested export" attrs="{'invisible': [('valid', '=', True)]}"/>
|
||||
<separator string="variables_placeholder" colspan="4" invisible="1"/>
|
||||
<separator string="Export file" colspan="4"
|
||||
attrs="{'invisible': [('binary_file', '=', False)]}"/>
|
||||
<field name="valid" invisible="1"/>
|
||||
<field name="binary_file" filename="file_name"/>
|
||||
<field name="file_name" invisible="1"/>
|
||||
<footer>
|
||||
|
|
|
|||
Loading…
Reference in New Issue