[18.0][MIG] auth saml create user

auth_saml_create_user/README.rst

@@ -0,0 +1,117 @@
+=====================
+Auth SAML Create User
+=====================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:99e8fd5583907518e2d4a0ef800c952bf67fe884007baa8365c037da4ffa55b0
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/18.0/auth_saml_create_user
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-18-0/server-auth-18-0-auth_saml_create_user
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=18.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module extends the functionality of Auth SAML to support the
+automatic creation of SAML users when they don't exist in odoo.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+To use this module, you need to:
+
+1. Check to true the create user option in the SAML Provider
+   configuration
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_saml_create_user%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* Savoir-faire Linux
+* Smile
+
+Contributors
+------------
+
+- Luis Garcia(luis.garcia@savoirfairelinux.com)
+
+- Jerome Oufella(jerome.oufella@savoirfairelinux.com)
+
+- Rim Ben Dhaou <rim.bendhaou@savoirfairelinux.com>
+
+- Larbi Gharib <larbi.gharib@savoirfairelinux.com>
+
+- Pierre Gault <pierre.gault@savoirfairelinux.com>
+
+- William Beverly <william.beverly@savoirfairelinux.com>
+
+- [SMILE] (https://smile.eu/en):
+
+  - Martin Deconinck <martin.deconinck@smile.fr>
+  - Théo Martin <theo.martin@smile.fr>
+
+Other credits
+-------------
+
+The development of this module has been financially supported by:
+
+- Savoir-faire Linux
+- Odoo Community Association (OCA)
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-eilst| image:: https://github.com/eilst.png?size=40px
+    :target: https://github.com/eilst
+    :alt: eilst
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-eilst| 
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/18.0/auth_saml_create_user>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

auth_saml_create_user/__init__.py

@@ -0,0 +1,4 @@
+# © 2019 Savoir-faire Linux
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import models

auth_saml_create_user/__manifest__.py

@@ -0,0 +1,27 @@
+# © 2019 Savoir-faire Linux
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Auth SAML Create User",
+    "summary": """
+        This module extends the functionality of Auth SAML to support
+        the automatic creation of SAML users when they don't exist in odoo.""",
+    "version": "18.0.1.0.0",
+    "category": "Tools",
+    "sequence": 20,
+    "author": "Savoir-faire Linux, Odoo Community Association (OCA), Smile",
+    "maintainers": ["eilst"],
+    "website": "https://github.com/OCA/server-auth",
+    "license": "AGPL-3",
+    "depends": [
+        "auth_saml",
+    ],
+    "data": [
+        "views/auth_saml.xml",
+    ],
+    "demo": [],
+    "test": [],
+    "auto_install": False,
+    "installable": True,
+    "application": False,
+}

auth_saml_create_user/i18n/auth_saml_create_user.pot

@@ -0,0 +1,30 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* auth_saml_create_user
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 11.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: auth_saml_create_user
+#: model:ir.model.fields,field_description:auth_saml_create_user.field_auth_saml_provider_create_user
+msgid "Create User"
+msgstr ""
+
+#. module: auth_saml_create_user
+#: model:ir.model,name:auth_saml_create_user.model_auth_saml_provider
+msgid "SAML2 provider"
+msgstr ""
+
+#. module: auth_saml_create_user
+#: model:ir.model,name:auth_saml_create_user.model_res_users
+msgid "Users"
+msgstr ""
+

auth_saml_create_user/models/__init__.py

@@ -0,0 +1,5 @@
+# © 2018 Savoir-faire Linux
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import auth_saml_provider
+from . import res_users

auth_saml_create_user/models/auth_saml_provider.py

@@ -0,0 +1,12 @@
+# Copyright (C) 2010-2016 XCG Consulting <http://odoo.consulting>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import fields, models
+
+
+class AuthSamlProvider(models.Model):
+    _inherit = "auth.saml.provider"
+
+    create_user = fields.Boolean(
+        default=True,
+    )

auth_saml_create_user/models/res_users.py

@@ -0,0 +1,54 @@
+# © 2019 Savoir-faire Linux
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+import random
+
+from odoo import models
+from odoo.tools import safe_eval
+
+from odoo.addons.auth_saml.models.ir_config_parameter import ALLOW_SAML_UID_AND_PASSWORD
+
+_logger = logging.getLogger(__name__)
+s = "abcdefghijklmnopqrstuvwxyz034567890ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()?"
+passlen = 16
+
+
+class ResUsers(models.Model):
+    _inherit = "res.users"
+
+    def check_if_create_user(self, provider):
+        return self.env["auth.saml.provider"].browse(provider).create_user
+
+    def create_user(self, saml_uid, provider):
+        _logger.debug(f"Creating new Odoo user {saml_uid} from SAML")
+        SudoUser = self.env["res.users"].sudo()
+        values = {
+            "name": saml_uid,
+            "login": saml_uid,
+            "saml_ids": [
+                (0, 0, {"saml_provider_id": provider, "saml_uid": saml_uid}),
+            ],
+            "company_id": self.env["res.company"].sudo().browse(1).id,
+        }
+        allow_saml_password = (
+            self.env["ir.config_parameter"]
+            .sudo()
+            .get_param(ALLOW_SAML_UID_AND_PASSWORD, "False")
+        )
+        if safe_eval.safe_eval(allow_saml_password):
+            values["password"] = "".join(random.sample(s, passlen))
+        res = SudoUser.create(values)
+        return res
+
+    def _auth_saml_signin(self, provider: int, validation: dict, saml_response) -> str:
+        """
+        Overload to auto create a new user if configured to allow it.
+        """
+        saml_uid = validation["user_id"]
+        user_ids = self.env["res.users.saml"].search(
+            [("saml_uid", "=", saml_uid), ("saml_provider_id", "=", provider)]
+        )
+        if self.check_if_create_user(provider) and not user_ids:
+            self.create_user(saml_uid, provider)
+        return super()._auth_saml_signin(provider, validation, saml_response)

auth_saml_create_user/pyproject.toml

@@ -0,0 +1,3 @@
+[build-system]
+requires = ["whool"]
+build-backend = "whool.buildapi"

auth_saml_create_user/readme/CONTRIBUTORS.md

@@ -0,0 +1,10 @@
+- Luis Garcia(<luis.garcia@savoirfairelinux.com>)
+- Jerome Oufella(<jerome.oufella@savoirfairelinux.com>)
+- Rim Ben Dhaou \<rim.bendhaou@savoirfairelinux.com\>
+- Larbi Gharib \<larbi.gharib@savoirfairelinux.com\>
+- Pierre Gault \<pierre.gault@savoirfairelinux.com\>
+- William Beverly \<william.beverly@savoirfairelinux.com\>
+
+- [SMILE] (https://smile.eu/en):
+  - Martin Deconinck \<martin.deconinck@smile.fr\>
+  - Théo Martin \<theo.martin@smile.fr\>

auth_saml_create_user/readme/CREDITS.md

@@ -0,0 +1,4 @@
+The development of this module has been financially supported by:
+
+- Savoir-faire Linux
+- Odoo Community Association (OCA)

auth_saml_create_user/readme/DESCRIPTION.md

@@ -0,0 +1,2 @@
+This module extends the functionality of Auth SAML to support the
+automatic creation of SAML users when they don't exist in odoo.

auth_saml_create_user/readme/USAGE.md

@@ -0,0 +1,4 @@
+To use this module, you need to:
+
+1.  Check to true the create user option in the SAML Provider
+    configuration