Techsystech
/
OCA_Reporting_engine_17.0
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[REF] create a new module sql_request_abstract

pull/553/head
Sylvain LE GAL 2017-02-22 03:58:01 +01:00 committed by mariadforgeflow
parent 97a19be378
commit c8743f4c0b
12 changed files with 350 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
sql_export/README.rst
View File

@ -12,16 +12,21 @@ A new menu named Export is created.
Known issues / Roadmap Known issues / Roadmap
====================== ======================
Some words are prohibeted and can't be used is the query in anyways, even in a select query : * Some words are prohibeted and can't be used is the query in anyways, even in a select query :
* delete
* drop
* insert
* alter
* truncate
* execute
* create
* update
* delete See sql_request_abstract module to fix this issue.
* drop
* insert * checking SQL request by execution and rollback is disabled in this module
* alter since variables features has been introduced. This can be fixed by
* truncate overloading _prepare_request_check_execution() function.
* execute
* create
* update
Bug Tracker Bug Tracker

40
sql_export/__openerp__.py
View File

@ -19,21 +19,25 @@
# #
############################################################################## ##############################################################################
{'name': 'SQL Export', {
'version': '9.0.1.0.0', 'name': 'SQL Export',
'author': 'Akretion,Odoo Community Association (OCA)', 'version': '9.0.1.0.0',
'website': 'http://www.akretion.com', 'author': 'Akretion,Odoo Community Association (OCA)',
'license': 'AGPL-3', 'website': 'http://www.akretion.com',
'category': 'Generic Modules/Others', 'license': 'AGPL-3',
'summary': 'Export data in csv file with SQL requests', 'category': 'Generic Modules/Others',
'depends': ['base', 'summary': 'Export data in csv file with SQL requests',
], 'depends': [
'data': [ 'sql_request_abstract',
'views/sql_export_view.xml', ],
'wizard/wizard_file_view.xml', 'data': [
'security/sql_export_security.xml', 'views/sql_export_view.xml',
'security/ir.model.access.csv', 'wizard/wizard_file_view.xml',
], 'security/sql_export_security.xml',
'installable': True, 'security/ir.model.access.csv',
'images': [], ],
} 'demo': [
'demo/sql_export.xml',
],
'installable': True,
}

17
sql_export/demo/sql_export.xml 100644
View File

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) 2017 - Today: GRAP (http://www.grap.coop)
@author Sylvain LE GAL (https://twitter.com/legalsylvain)
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
-->
<openerp><data>
<record id="sql_export_partner" model="sql.export">
<field name="name">Export Partners (Demo Data)</field>
<field name="query">SELECT name, street FROM res_partner;</field>
</record>
<function model="sql.export" name="button_clean_check_request" eval="([ref('sql_export.sql_export_partner')])"/>
</data></openerp>

136
sql_export/i18n/fr.po
View File

@ -6,8 +6,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: Odoo Server 8.0\n" "Project-Id-Version: Odoo Server 8.0\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-02-05 13:10+0000\n" "POT-Creation-Date: 2017-02-27 12:18+0000\n"
"PO-Revision-Date: 2016-02-05 13:10+0000\n" "PO-Revision-Date: 2017-02-27 12:18+0000\n"
"Last-Translator: <>\n" "Last-Translator: <>\n"
"Language-Team: \n" "Language-Team: \n"
"MIME-Version: 1.0\n" "MIME-Version: 1.0\n"
@ -21,6 +21,7 @@ msgid "Allow the user to save the file with sql request's data"
msgstr "Permet à l'utilisateur de sauvegarder le fichier contenant les données de la requête SQL" msgstr "Permet à l'utilisateur de sauvegarder le fichier contenant les données de la requête SQL"
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
#: field:sql.export,group_ids:0 #: field:sql.export,group_ids:0
msgid "Allowed Groups" msgid "Allowed Groups"
msgstr "Groupes Autorisés" msgstr "Groupes Autorisés"
@ -31,15 +32,20 @@ msgstr "Groupes Autorisés"
msgid "Allowed Users" msgid "Allowed Users"
msgstr "Utilisateurs Autorisés" msgstr "Utilisateurs Autorisés"
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Cancel"
msgstr "Annuler"
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
msgid "Allowed Users Groups" msgid "Clean and Check Request"
msgstr "Groupes d'utilisateurs Autorisés" msgstr "Corriger et vérifier la requête"
#. module: sql_export #. module: sql_export
#: field:sql.export,copy_options:0 #: field:sql.export,copy_options:0
msgid "Copy Options" msgid "Copy Options"
msgstr "Copy Options" msgstr "Options de copie"
#. module: sql_export #. module: sql_export
#: field:sql.export,create_uid:0 #: field:sql.export,create_uid:0
@ -58,10 +64,32 @@ msgstr "Créé le"
msgid "Csv File" msgid "Csv File"
msgstr "Fichier CSV" msgstr "Fichier CSV"
#. module: sql_export
#: field:sql.export,display_name:0
#: field:sql.file.wizard,display_name:0
msgid "Display Name"
msgstr "Nom affiché"
#. module: sql_export
#: selection:sql.export,state:0
msgid "Draft"
msgstr "En brouillon"
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
#: view:sql.export:sql_export.sql_export_view_tree
msgid "Execute Query" msgid "Execute Query"
msgstr "Exécuter" msgstr "Execute la requête"
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Export"
msgstr "Exporter"
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Export file"
msgstr "Fichier d'export"
#. module: sql_export #. module: sql_export
#: field:sql.file.wizard,binary_file:0 #: field:sql.file.wizard,binary_file:0
@ -71,7 +99,7 @@ msgstr "Fichier"
#. module: sql_export #. module: sql_export
#: field:sql.file.wizard,file_name:0 #: field:sql.file.wizard,file_name:0
msgid "File Name" msgid "File Name"
msgstr "Nom du fichier" msgstr "Nom de fichier"
#. module: sql_export #. module: sql_export
#: field:sql.export,id:0 #: field:sql.export,id:0
@ -79,39 +107,78 @@ msgstr "Nom du fichier"
msgid "ID" msgid "ID"
msgstr "ID" msgstr "ID"
#. module: sql_export
#: field:sql.export,__last_update:0
#: field:sql.file.wizard,__last_update:0
msgid "Last Modified on"
msgstr "Dernière modification le"
#. module: sql_export #. module: sql_export
#: field:sql.export,write_uid:0 #: field:sql.export,write_uid:0
#: field:sql.file.wizard,write_uid:0 #: field:sql.file.wizard,write_uid:0
msgid "Last Updated by" msgid "Last Updated by"
msgstr "Last Updated by" msgstr "Dernière mise à jour par"
#. module: sql_export #. module: sql_export
#: field:sql.export,write_date:0 #: field:sql.export,write_date:0
#: field:sql.file.wizard,write_date:0 #: field:sql.file.wizard,write_date:0
msgid "Last Updated on" msgid "Last Updated on"
msgstr "Last Updated on" msgstr "Dernière mise à jour le"
#. module: sql_export #. module: sql_export
#: field:sql.export,name:0 #: field:sql.export,name:0
msgid "Name" msgid "Name"
msgstr "Nom" msgstr "Nom"
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
#: field:sql.export,field_ids:0
msgid "Parameters"
msgstr "Paramètres"
#. module: sql_export #. module: sql_export
#: field:sql.export,query:0 #: field:sql.export,query:0
msgid "Query" msgid "Query"
msgstr "Requête" msgstr "Requête"
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "Request Name"
msgstr "Nom de la requête"
#. module: sql_export #. module: sql_export
#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action #: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
#: view:sql.export:sql_export.sql_export_view_tree #: view:sql.export:sql_export.sql_export_view_tree
msgid "SQL Export" msgid "SQL Export"
msgstr "SQL Export" msgstr "Export SQL"
#. module: sql_export
#: model:ir.actions.act_window,name:sql_export.sql_parameter_tree_action
#: view:ir.model.fields:sql_export.sql_parameter_view_tree
msgid "SQL Parameter"
msgstr "Paramètre SQL"
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "SQL Request"
msgstr "Requête SQL"
#. module: sql_export
#: selection:sql.export,state:0
msgid "SQL Valid"
msgstr "SQL Validé"
#. module: sql_export #. module: sql_export
#: model:ir.model,name:sql_export.model_sql_export #: model:ir.model,name:sql_export.model_sql_export
#: view:ir.model.fields:sql_export.sql_parameter_view_form
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
msgid "SQL export" msgid "SQL export"
msgstr "Export SQL" msgstr "export SQL"
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "Set to Draft"
msgstr "Remettre en brouillon"
#. module: sql_export #. module: sql_export
#: model:ir.ui.menu,name:sql_export.sql_export_menu #: model:ir.ui.menu,name:sql_export.sql_export_menu
@ -120,23 +187,46 @@ msgid "Sql Export"
msgstr "Export SQL" msgstr "Export SQL"
#. module: sql_export #. module: sql_export
#: model:res.groups,name:sql_export.group_sql_request_editor #: model:ir.ui.menu,name:sql_export.sql_parameter_menu_view
msgid "Sql Request Editor" msgid "Sql Export Variables"
msgstr "Edition de Requête SQL" msgstr "Variables d'export SQL"
#. module: sql_export #. module: sql_export
#: code:addons/sql_export/sql_export.py:132 #: field:sql.file.wizard,sql_export_id:0
#, python-format msgid "Sql export id"
msgid "The Sql query is not valid." msgstr "Sql export id"
msgstr "La requête SQL n'est pas valide"
#. module: sql_export #. module: sql_export
#: constraint:sql.export:0 #: field:sql.export,state:0
msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)" msgid "State"
msgstr "La requête que vous voulez faire n'est pas autorisée : actions interdites (delete, drop, insert, alter, truncate, execute, create, update)" msgstr "Etat"
#. module: sql_export
#: help:sql.export,state:0
msgid "State of the Request:\n"
" * 'Draft': Not tested\n"
" * 'SQL Valid': SQL Request has been checked and is valid"
msgstr "Etat de la requête:\n"
" * 'En brouillon': non testée\n"
" * 'SQL Validé': La requête SQL a été vérifiée et est valide"
#. module: sql_export #. module: sql_export
#: help:sql.export,query:0 #: help:sql.export,query:0
msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update" msgid "You can't use the following words: DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
msgstr "Vous ne pouvez pas utiliser les mots suivants : delete, drop, create, insert, alter, truncate, execute, update" msgstr "Vous ne pouvez pas utiliser les termes suivants : DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "or"
msgstr "ou"
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "select * from res_partner"
msgstr "select * from res_partner"
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "variables_placeholder"
msgstr "variables_placeholder"

110
sql_export/i18n/sql_export.pot
View File

@ -6,8 +6,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: Odoo Server 8.0\n" "Project-Id-Version: Odoo Server 8.0\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-02-05 13:10+0000\n" "POT-Creation-Date: 2017-02-27 12:24+0000\n"
"PO-Revision-Date: 2016-02-05 13:10+0000\n" "PO-Revision-Date: 2017-02-27 12:24+0000\n"
"Last-Translator: <>\n" "Last-Translator: <>\n"
"Language-Team: \n" "Language-Team: \n"
"MIME-Version: 1.0\n" "MIME-Version: 1.0\n"
@ -21,6 +21,7 @@ msgid "Allow the user to save the file with sql request's data"
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
#: field:sql.export,group_ids:0 #: field:sql.export,group_ids:0
msgid "Allowed Groups" msgid "Allowed Groups"
msgstr "" msgstr ""
@ -31,9 +32,14 @@ msgstr ""
msgid "Allowed Users" msgid "Allowed Users"
msgstr "" msgstr ""
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Cancel"
msgstr ""
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
msgid "Allowed Users Groups" msgid "Clean and Check Request"
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
@ -58,11 +64,33 @@ msgstr ""
msgid "Csv File" msgid "Csv File"
msgstr "" msgstr ""
#. module: sql_export
#: field:sql.export,display_name:0
#: field:sql.file.wizard,display_name:0
msgid "Display Name"
msgstr ""
#. module: sql_export
#: selection:sql.export,state:0
msgid "Draft"
msgstr ""
#. module: sql_export #. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
#: view:sql.export:sql_export.sql_export_view_tree
msgid "Execute Query" msgid "Execute Query"
msgstr "" msgstr ""
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Export"
msgstr ""
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "Export file"
msgstr ""
#. module: sql_export #. module: sql_export
#: field:sql.file.wizard,binary_file:0 #: field:sql.file.wizard,binary_file:0
msgid "File" msgid "File"
@ -79,6 +107,12 @@ msgstr ""
msgid "ID" msgid "ID"
msgstr "" msgstr ""
#. module: sql_export
#: field:sql.export,__last_update:0
#: field:sql.file.wizard,__last_update:0
msgid "Last Modified on"
msgstr ""
#. module: sql_export #. module: sql_export
#: field:sql.export,write_uid:0 #: field:sql.export,write_uid:0
#: field:sql.file.wizard,write_uid:0 #: field:sql.file.wizard,write_uid:0
@ -96,23 +130,56 @@ msgstr ""
msgid "Name" msgid "Name"
msgstr "" msgstr ""
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
#: field:sql.export,field_ids:0
msgid "Parameters"
msgstr ""
#. module: sql_export #. module: sql_export
#: field:sql.export,query:0 #: field:sql.export,query:0
msgid "Query" msgid "Query"
msgstr "" msgstr ""
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "Request Name"
msgstr ""
#. module: sql_export #. module: sql_export
#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action #: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
#: view:sql.export:sql_export.sql_export_view_tree #: view:sql.export:sql_export.sql_export_view_tree
msgid "SQL Export" msgid "SQL Export"
msgstr "" msgstr ""
#. module: sql_export
#: model:ir.actions.act_window,name:sql_export.sql_parameter_tree_action
#: view:ir.model.fields:sql_export.sql_parameter_view_tree
msgid "SQL Parameter"
msgstr ""
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "SQL Request"
msgstr ""
#. module: sql_export
#: selection:sql.export,state:0
msgid "SQL Valid"
msgstr ""
#. module: sql_export #. module: sql_export
#: model:ir.model,name:sql_export.model_sql_export #: model:ir.model,name:sql_export.model_sql_export
#: view:ir.model.fields:sql_export.sql_parameter_view_form
#: view:sql.export:sql_export.sql_export_view_form #: view:sql.export:sql_export.sql_export_view_form
msgid "SQL export" msgid "SQL export"
msgstr "" msgstr ""
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "Set to Draft"
msgstr ""
#. module: sql_export #. module: sql_export
#: model:ir.ui.menu,name:sql_export.sql_export_menu #: model:ir.ui.menu,name:sql_export.sql_export_menu
#: model:ir.ui.menu,name:sql_export.sql_export_menu_view #: model:ir.ui.menu,name:sql_export.sql_export_menu_view
@ -120,23 +187,44 @@ msgid "Sql Export"
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
#: model:res.groups,name:sql_export.group_sql_request_editor #: model:ir.ui.menu,name:sql_export.sql_parameter_menu_view
msgid "Sql Request Editor" msgid "Sql Export Variables"
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
#: code:addons/sql_export/sql_export.py:132 #: field:sql.file.wizard,sql_export_id:0
#, python-format msgid "Sql export id"
msgid "The Sql query is not valid."
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
#: constraint:sql.export:0 #: field:sql.export,state:0
msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)" msgid "State"
msgstr ""
#. module: sql_export
#: help:sql.export,state:0
msgid "State of the Request:\n"
" * 'Draft': Not tested\n"
" * 'SQL Valid': SQL Request has been checked and is valid"
msgstr "" msgstr ""
#. module: sql_export #. module: sql_export
#: help:sql.export,query:0 #: help:sql.export,query:0
msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update" msgid "You can't use the following words: DELETE, DROP, CREATE, INSERT, ALTER, TRUNCATE, EXECUTE, UPDATE"
msgstr ""
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "or"
msgstr ""
#. module: sql_export
#: view:sql.export:sql_export.sql_export_view_form
msgid "select * from res_partner"
msgstr ""
#. module: sql_export
#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
msgid "variables_placeholder"
msgstr "" msgstr ""

88
sql_export/models/sql_export.py
View File

@ -19,65 +19,24 @@
# #
############################################################################## ##############################################################################
import re
from openerp import models, fields, api from openerp import models, fields, api
class SqlExport(models.Model): class SqlExport(models.Model):
_name = "sql.export" _name = "sql.export"
_inherit = ['sql.request.mixin']
_description = "SQL export" _description = "SQL export"
PROHIBITED_WORDS = [ _sql_request_groups_relation = 'groups_sqlquery_rel'
'delete',
'drop',
'insert',
'alter',
'truncate',
'execute',
'create',
'update'
]
@api.multi _sql_request_users_relation = 'users_sqlquery_rel'
def _check_query_allowed(self):
for obj in self:
query = obj.query.lower()
for word in self.PROHIBITED_WORDS:
expr = r'\b%s\b' % word
is_not_safe = re.search(expr, query)
if is_not_safe:
return False
return True
@api.model _check_execution_enabled = False
def _get_editor_group(self):
ir_model_obj = self.env['ir.model.data']
return [ir_model_obj.xmlid_to_res_id(
'sql_export.group_sql_request_editor')]
name = fields.Char('Name', required=True)
query = fields.Text(
'Query',
required=True,
help="You can't use the following word : delete, drop, create, "
"insert, alter, truncate, execute, update")
copy_options = fields.Char( copy_options = fields.Char(
'Copy Options', string='Copy Options', required=True,
required=True,
default="CSV HEADER DELIMITER ';'") default="CSV HEADER DELIMITER ';'")
group_ids = fields.Many2many(
'res.groups',
'groups_sqlquery_rel',
'sql_id',
'group_id',
'Allowed Groups',
default=_get_editor_group)
user_ids = fields.Many2many(
'res.users',
'users_sqlquery_rel',
'sql_id',
'user_id',
'Allowed Users')
field_ids = fields.Many2many( field_ids = fields.Many2many(
'ir.model.fields', 'ir.model.fields',
'fields_sqlquery_rel', 'fields_sqlquery_rel',
@ -85,18 +44,11 @@ class SqlExport(models.Model):
'field_id', 'field_id',
'Parameters', 'Parameters',
domain=[('model', '=', 'sql.file.wizard')]) domain=[('model', '=', 'sql.file.wizard')])
valid = fields.Boolean()
_constraints = [(_check_query_allowed,
'The query you want make is not allowed : prohibited '
'actions (%s)' % ', '.join(PROHIBITED_WORDS),
['query'])]
@api.multi @api.multi
def export_sql_query(self): def export_sql_query(self):
self.ensure_one() self.ensure_one()
wiz = self.env['sql.file.wizard'].create({ wiz = self.env['sql.file.wizard'].create({
'valid': self.valid,
'sql_export_id': self.id}) 'sql_export_id': self.id})
return { return {
'view_type': 'form', 'view_type': 'form',
@ -108,31 +60,3 @@ class SqlExport(models.Model):
'context': self._context, 'context': self._context,
'nodestroy': True, 'nodestroy': True,
} }
@api.model
def check_query_syntax(self, vals):
if vals.get('query', False):
vals['query'] = vals['query'].strip()
if vals['query'][-1] == ';':
vals['query'] = vals['query'][:-1]
# Can't test the query because of variables
# try:
# self.env.cr.execute(vals['query'])
# except:
# raise exceptions.Warning(
# _("The Sql query is not valid."))
# finally:
# self.env.cr.rollback()
return vals
@api.multi
def write(self, vals):
vals = self.check_query_syntax(vals)
if 'query' in vals:
vals['valid'] = False
return super(SqlExport, self).write(vals)
@api.model
def create(self, vals):
vals = self.check_query_syntax(vals)
return super(SqlExport, self).create(vals)

2
sql_export/security/ir.model.access.csv
View File

@ -1,3 +1,3 @@
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink" "id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
"access_sql_export_all","access_sql_export_all","model_sql_export",,1,0,0,0 "access_sql_export_all","access_sql_export_all","model_sql_export",,1,0,0,0
"access_sql_export_editor","access_sql_export_editor","model_sql_export",group_sql_request_editor,1,1,1,1 "access_sql_export_editor","access_sql_export_editor","model_sql_export",sql_request_abstract.group_sql_request_manager,1,1,1,1

1 id name model_id:id group_id:id perm_read perm_write perm_create perm_unlink
2 access_sql_export_all access_sql_export_all model_sql_export 1 0 0 0
3 access_sql_export_editor access_sql_export_editor model_sql_export group_sql_request_editor sql_request_abstract.group_sql_request_manager 1 1 1 1

5
sql_export/security/sql_export_security.xml
View File

@ -2,11 +2,6 @@
<openerp> <openerp>
<data noupdate="0"> <data noupdate="0">
<record model="res.groups" id="group_sql_request_editor">
<field name="name">Sql Request Editor</field>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
<record model="ir.rule" id="sql_export_restric_access_user_or_group"> <record model="ir.rule" id="sql_export_restric_access_user_or_group">
<field name="name" >SQL Export users and groups rules</field> <field name="name" >SQL Export users and groups rules</field>
<field name="model_id" ref="model_sql_export"/> <field name="model_id" ref="model_sql_export"/>

56
sql_export/tests/test_sql_query.py
View File

@ -20,35 +20,27 @@
############################################################################## ##############################################################################
import base64 import base64
from openerp.tests.common import TransactionCase from openerp.tests.common import TransactionCase
from openerp import exceptions from openerp.exceptions import Warning as UserError
class TestExportSqlQuery(TransactionCase): class TestExportSqlQuery(TransactionCase):
def setUp(self): def setUp(self):
super(TestExportSqlQuery, self).setUp() super(TestExportSqlQuery, self).setUp()
query_vals = { self.sql_export_obj = self.env['sql.export']
'name': 'test', self.wizard_obj = self.env['sql.file.wizard']
'query': "SELECT name, street FROM res_partner;" self.sql_report_demo = self.env.ref('sql_export.sql_export_partner')
}
self.sql_model = self.registry('sql.export')
self.query_id = self.sql_model.create(
self.cr,
self.uid,
query_vals)
def test_sql_query(self): def test_sql_query(self):
test = self.sql_model.export_sql_query( wizard = self.wizard_obj.create({
self.cr, self.uid, [self.query_id]) 'sql_export_id': self.sql_report_demo.id,
self.registry('sql.file.wizard').export_sql( })
self.cr, self.uid, test['res_id']) wizard.export_sql()
wizard = self.registry('sql.file.wizard').browse(
self.cr, self.uid, test['res_id'])
export = base64.b64decode(wizard.binary_file) export = base64.b64decode(wizard.binary_file)
self.assertEqual(export.split(';')[0], 'name') self.assertEqual(export.split(';')[0], 'name')
self.assertTrue(len(export.split(';')) > 6) self.assertTrue(len(export.split(';')) > 6)
def test_prohibited_queries_creation(self): def test_prohibited_queries(self):
prohibited_queries = [ prohibited_queries = [
"upDaTe res_partner SET name = 'test' WHERE id = 1", "upDaTe res_partner SET name = 'test' WHERE id = 1",
"DELETE FROM sql_export WHERE name = 'test';", "DELETE FROM sql_export WHERE name = 'test';",
@ -60,14 +52,22 @@ class TestExportSqlQuery(TransactionCase):
""", """,
] ]
for query in prohibited_queries: for query in prohibited_queries:
with self.assertRaises(exceptions.ValidationError): with self.assertRaises(UserError):
self.sql_model.create( sql_export = self.sql_export_obj.create({
self.cr, self.uid, 'name': 'test_prohibited',
{'name': 'test_prohibited', 'query': query})
'query': query}) sql_export.button_clean_check_request()
ok_query = {
'name': 'test ok', def test_authorized_queries(self):
'query': "SELECT create_date FROM res_partner" authorized_queries = [
} "SELECT create_date FROM res_partner",
query_id = self.sql_model.create(self.cr, self.uid, ok_query) ]
self.assertIsNotNone(query_id)
for query in authorized_queries:
sql_export = self.sql_export_obj.create({
'name': 'test_authorized',
'query': query})
sql_export.button_clean_check_request()
self.assertEqual(
sql_export.state, 'sql_valid',
"%s is a valid request" % (query))

54
sql_export/views/sql_export_view.xml
View File

@ -8,26 +8,40 @@
<field name="model">sql.export</field> <field name="model">sql.export</field>
<field name="arch" type="xml"> <field name="arch" type="xml">
<form string="SQL export"> <form string="SQL export">
<group col="2"> <sheet>
<group colspan="2" col="5"> <header>
<label for="name" colspan="1"/> <button name="button_clean_check_request" type="object" states="draft"
<field name="name" colspan="2" nolabel="1"/> string="Clean and Check Request" class="oe_highlight"/>
<button name="export_sql_query" string="Execute Query" type="object" class="oe_highlight" icon="gtk-execute" colspan="2"/> <button name="button_set_draft" type="object" states="sql_valid"
<label for="query" colspan="1"/> string="Set to Draft" groups="sql_request_abstract.group_sql_request_manager"/>
<field name="query" nolabel="1" colspan="4"/> <button name="export_sql_query" string="Execute Query" states="sql_valid" type="object" class="oe_highlight"
<label for="Copy Options" colspan="1"/> icon="gtk-execute"/>
<field name="copy_options" nolabel="1" colspan="4"/> <field name="state" widget="statusbar" />
</group> </header>
<group groups="sql_export.group_sql_request_editor" string="Parameters"> <group>
<field name="field_ids" nolabel="1"/> <h1>
</group> <field name="name" nolabel="1" placeholder="Request Name"/>
<group colspan="2" col="2" groups="sql_export.group_sql_request_editor"> </h1>
<separator string="Allowed Users" colspan="1"/> </group>
<separator string="Allowed Users Groups" colspan="1"/> <group name="option" groups="sql_request_abstract.group_sql_request_user">
<field name="copy_options"/>
</group>
<group name="request" string="SQL Request" groups="sql_request_abstract.group_sql_request_user">
<field name="query" nolabel="1" placeholder="select * from res_partner"/>
</group>
<group string="Parameters" groups="sql_request_abstract.group_sql_request_user">
<field name="field_ids" nolabel="1"/>
</group>
<group groups="sql_request_abstract.group_sql_request_manager">
<group string="Allowed Users">
<field name="user_ids" nolabel="1"/> <field name="user_ids" nolabel="1"/>
</group>
<group string="Allowed Groups">
<field name="group_ids" nolabel="1"/> <field name="group_ids" nolabel="1"/>
</group> </group>
</group> </group>
</sheet>
</form> </form>
</field> </field>
</record> </record>
@ -36,9 +50,11 @@
<field name="name">Sql_export_tree_view</field> <field name="name">Sql_export_tree_view</field>
<field name="model">sql.export</field> <field name="model">sql.export</field>
<field name="arch" type="xml"> <field name="arch" type="xml">
<tree string="SQL Export" colors="red:valid == False"> <tree string="SQL Export" colors="blue:state == 'draft'">
<field name="name"/> <field name="name"/>
<field name="valid" invisible="1"/> <field name="state"/>
<button name="export_sql_query" string="Execute Query" states="sql_valid" type="object"
icon="gtk-execute"/>
</tree> </tree>
</field> </field>
</record> </record>
@ -84,7 +100,7 @@
<field name="domain">[('model','=','sql.file.wizard')]</field> <field name="domain">[('model','=','sql.file.wizard')]</field>
</record> </record>
<menuitem id="sql_parameter_menu_view" name="Sql Export Variables" parent="sql_export_menu" action="sql_parameter_tree_action" sequence="5"/> <menuitem id="sql_parameter_menu_view" name="Sql Export Variables" parent="sql_export_menu" action="sql_parameter_tree_action" sequence="5" groups="sql_request_abstract.group_sql_request_manager"/>
</data> </data>

40
sql_export/wizard/wizard_file.py
View File

@ -18,14 +18,12 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
############################################################################## ##############################################################################
from openerp import models, fields, api
from openerp.osv.orm import setup_modifiers
import StringIO
import base64
import datetime import datetime
from lxml import etree from lxml import etree
from openerp import models, fields, api, osv
from openerp.tools import DEFAULT_SERVER_DATETIME_FORMAT from openerp.tools import DEFAULT_SERVER_DATETIME_FORMAT
import uuid
class SqlFileWizard(models.TransientModel): class SqlFileWizard(models.TransientModel):
@ -34,7 +32,6 @@ class SqlFileWizard(models.TransientModel):
binary_file = fields.Binary('File', readonly=True) binary_file = fields.Binary('File', readonly=True)
file_name = fields.Char('File Name', readonly=True) file_name = fields.Char('File Name', readonly=True)
valid = fields.Boolean()
sql_export_id = fields.Many2one(comodel_name='sql.export', required=True) sql_export_id = fields.Many2one(comodel_name='sql.export', required=True)
@api.model @api.model
@ -58,7 +55,8 @@ class SqlFileWizard(models.TransientModel):
kwargs = {'name': "%s" % field.name} kwargs = {'name': "%s" % field.name}
toupdate_fields.append(field.name) toupdate_fields.append(field.name)
view_field = etree.SubElement(group, 'field', **kwargs) view_field = etree.SubElement(group, 'field', **kwargs)
setup_modifiers(view_field, self.fields_get(field.name)) osv.orm.setup_modifiers(
view_field, self.fields_get(field.name))
res['fields'].update(self.fields_get(toupdate_fields)) res['fields'].update(self.fields_get(toupdate_fields))
placeholder = eview.xpath( placeholder = eview.xpath(
@ -72,12 +70,13 @@ class SqlFileWizard(models.TransientModel):
def export_sql(self): def export_sql(self):
self.ensure_one() self.ensure_one()
sql_export = self.sql_export_id sql_export = self.sql_export_id
# Manage Params
variable_dict = {}
today = datetime.datetime.now() today = datetime.datetime.now()
today_tz = fields.Datetime.context_timestamp( today_tz = fields.Datetime.context_timestamp(
sql_export, today) sql_export, today)
date = today_tz.strftime(DEFAULT_SERVER_DATETIME_FORMAT) date = today_tz.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
output = StringIO.StringIO()
variable_dict = {}
if sql_export.field_ids: if sql_export.field_ids:
for field in sql_export.field_ids: for field in sql_export.field_ids:
variable_dict[field.name] = self[field.name] variable_dict[field.name] = self[field.name]
@ -85,25 +84,16 @@ class SqlFileWizard(models.TransientModel):
variable_dict['company_id'] = self.env.user.company_id.id variable_dict['company_id'] = self.env.user.company_id.id
if "%(user_id)s" in sql_export.query: if "%(user_id)s" in sql_export.query:
variable_dict['user_id'] = self._uid variable_dict['user_id'] = self._uid
format_query = self.env.cr.mogrify(
sql_export.query, variable_dict).decode('utf-8') # Execute Request
query = "COPY (" + format_query + ") TO STDOUT WITH " + \ res = sql_export._execute_sql_request(
sql_export.copy_options params=variable_dict, mode='stdout',
name = 'export_query_%s' % uuid.uuid1().hex copy_options=sql_export.copy_options)
self.env.cr.execute("SAVEPOINT %s" % name)
try:
self.env.cr.copy_expert(query, output)
output.getvalue()
new_output = base64.b64encode(output.getvalue())
output.close()
finally:
self.env.cr.execute("ROLLBACK TO SAVEPOINT %s" % name)
self.write({ self.write({
'binary_file': new_output, 'binary_file': res,
'file_name': sql_export.name + '_' + date + '.csv' 'file_name': sql_export.name + '_' + date + '.csv'
}) })
if not sql_export.valid:
sql_export.sudo().valid = True
return { return {
'view_type': 'form', 'view_type': 'form',
'view_mode': 'form', 'view_mode': 'form',

2
sql_export/wizard/wizard_file_view.xml
View File

@ -7,11 +7,9 @@
<field name="model">sql.file.wizard</field> <field name="model">sql.file.wizard</field>
<field name="arch" type="xml"> <field name="arch" type="xml">
<form string="Csv File"> <form string="Csv File">
<separator string="Warning untested export" attrs="{'invisible': [('valid', '=', True)]}"/>
<separator string="variables_placeholder" colspan="4" invisible="1"/> <separator string="variables_placeholder" colspan="4" invisible="1"/>
<separator string="Export file" colspan="4" <separator string="Export file" colspan="4"
attrs="{'invisible': [('binary_file', '=', False)]}"/> attrs="{'invisible': [('binary_file', '=', False)]}"/>
<field name="valid" invisible="1"/>
<field name="binary_file" filename="file_name"/> <field name="binary_file" filename="file_name"/>
<field name="file_name" invisible="1"/> <field name="file_name" invisible="1"/>
<footer> <footer>