Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[16.0] [ADD] fastapi_encrypted_errors #468

Open
wants to merge 1 commit into
base: 16.0
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions extendable_fastapi/fastapi_dispatcher.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,16 @@

from contextlib import contextmanager

from odoo.http import _dispatchers

from odoo.addons.extendable.registry import _extendable_registries_database
from odoo.addons.fastapi.fastapi_dispatcher import (
FastApiDispatcher as BaseFastApiDispatcher,
)

from extendable import context


class FastApiDispatcher(BaseFastApiDispatcher):
# Inherit from last dispatcher of fastapi registered
# This handles multiple overloaded dispatchers
class FastApiDispatcher(_dispatchers["fastapi"]):
routing_type = "fastapi"

def dispatch(self, endpoint, args):
Expand Down
99 changes: 99 additions & 0 deletions fastapi_encrypted_errors/README.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
========================
FastAPI Encrypted Errors
========================

..
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:296fbef824a5eb64e9bbaedc382ef15e41d146f0cc59d458c0d76de46a54358e
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
:target: https://odoo-community.org/page/development-status
:alt: Beta
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
:target: https://github.com/OCA/rest-framework/tree/16.0/fastapi_encrypted_errors
:alt: OCA/rest-framework
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_encrypted_errors
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
:target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=16.0
:alt: Try me on Runboat

|badge1| |badge2| |badge3| |badge4| |badge5|

This module adds a "ref" field in the error response of FastAPI.
This field is an AES encrypted string that contains the error message / traceback.
This encrypted string can be decrypted using the endpoint decrypt error wizard.

**Table of contents**

.. contents::
:local:

Usage
=====

First you have to enable the encryption for an endpoint by checking the `Encrypt Errors` checkbox
in the endpoint configuration.

To decrypt an error message, you can use the "Decrypt Error" wizard in the
FastAPI menu.

You can regenerate a new key by clicking on the "Regenerate Key" button next to the `Errors Secret Key` field.

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_encrypted_errors%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~

* Akretion

Contributors
~~~~~~~~~~~~

* `Akretion <https://www.akretion.com>`_:

* Florian Mounier

Maintainers
~~~~~~~~~~~

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

.. |maintainer-paradoxxxzero| image:: https://github.com/paradoxxxzero.png?size=40px
:target: https://github.com/paradoxxxzero
:alt: paradoxxxzero

Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:

|maintainer-paradoxxxzero|

This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/16.0/fastapi_encrypted_errors>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
3 changes: 3 additions & 0 deletions fastapi_encrypted_errors/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
from . import models
from . import wizards
from . import fastapi_dispatcher
25 changes: 25 additions & 0 deletions fastapi_encrypted_errors/__manifest__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# Copyright 2024 Akretion (http://www.akretion.com).
# @author Florian Mounier <[email protected]>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

{
"name": "FastAPI Encrypted Errors",
"summary": "Adds encrypted error messages to FastAPI error responses.",
"version": "16.0.1.0.0",
"license": "AGPL-3",
"author": "Akretion,Odoo Community Association (OCA)",
"maintainers": ["paradoxxxzero"],
"website": "https://github.com/OCA/rest-framework",
"depends": [
"fastapi",
],
"data": [
"security/ir.model.access.csv",
"views/fastapi_endpoint_views.xml",
"wizards/wizard_fastapi_decrypt_errors_views.xml",
],
"demo": [],
"external_dependencies": {
"python": ["cryptography"],
},
}
32 changes: 32 additions & 0 deletions fastapi_encrypted_errors/fastapi_dispatcher.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Copyright 2024 Akretion (http://www.akretion.com).
# @author Florian Mounier <[email protected]>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

from odoo.http import _dispatchers

from odoo.addons.fastapi.error_handlers import convert_exception_to_status_body


# Inherit from last dispatcher of fastapi registered
# This handles multiple overloaded dispatchers
class FastApiDispatcher(_dispatchers["fastapi"]):
routing_type = "fastapi"

def handle_error(self, exc):
environ = self._get_environ()
root_path = "/" + environ["PATH_INFO"].split("/")[1]
fastapi_endpoint = (
self.request.env["fastapi.endpoint"]
.sudo()
.search([("root_path", "=", root_path)])
)
if fastapi_endpoint.encrypt_errors:
headers = getattr(exc, "headers", None)
status_code, body = convert_exception_to_status_body(exc)
if body:
body["ref"] = fastapi_endpoint._encrypt_error(exc)
return self.request.make_json_response(
body, status=status_code, headers=headers
)

return super().handle_error(exc)
1 change: 1 addition & 0 deletions fastapi_encrypted_errors/models/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from . import fastapi_endpoint
47 changes: 47 additions & 0 deletions fastapi_encrypted_errors/models/fastapi_endpoint.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Copyright 2024 Akretion (http://www.akretion.com).
# @author Florian Mounier <[email protected]>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
import traceback
import zlib

from cryptography.fernet import Fernet

from odoo import fields, models


class FastapiEndpoint(models.Model):
_inherit = "fastapi.endpoint"

encrypt_errors = fields.Boolean(
help="Encrypt errors before sending them to the client.",
)
encrypted_errors_secret_key = fields.Char(
help="The secret key used to encrypt errors before sending them to the client.",
default=lambda _: Fernet.generate_key(),
readonly=True,
)

def action_generate_encrypted_errors_secret_key(self):
for record in self:
record.encrypted_errors_secret_key = Fernet.generate_key()

def _encrypt_error(self, exc):
self.ensure_one()
if not self.encrypt_errors or not self.encrypted_errors_secret_key:
return

# Get full traceback
error = "".join(traceback.format_exception(exc))
# zlib compression works quite well on tracebacks
error = zlib.compress(error.encode("utf-8"))
f = Fernet(self.encrypted_errors_secret_key)
return f.encrypt(error)

def _decrypt_error(self, error):
self.ensure_one()
if not self.encrypt_errors or not self.encrypted_errors_secret_key:
return

f = Fernet(self.encrypted_errors_secret_key)
error = f.decrypt(error)
return zlib.decompress(error).decode("utf-8")
3 changes: 3 additions & 0 deletions fastapi_encrypted_errors/readme/CONTRIBUTORS.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
* `Akretion <https://www.akretion.com>`_:

* Florian Mounier
3 changes: 3 additions & 0 deletions fastapi_encrypted_errors/readme/DESCRIPTION.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
This module adds a "ref" field in the error response of FastAPI.
This field is an AES encrypted string that contains the error message / traceback.
This encrypted string can be decrypted using the endpoint decrypt error wizard.
7 changes: 7 additions & 0 deletions fastapi_encrypted_errors/readme/USAGE.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
First you have to enable the encryption for an endpoint by checking the `Encrypt Errors` checkbox
in the endpoint configuration.

To decrypt an error message, you can use the "Decrypt Error" wizard in the
FastAPI menu.

You can regenerate a new key by clicking on the "Regenerate Key" button next to the `Errors Secret Key` field.
2 changes: 2 additions & 0 deletions fastapi_encrypted_errors/security/ir.model.access.csv
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_fastapi_wizard_auth_partner_impersonate,wizard_fastapi_decrypt_errors,model_wizard_fastapi_decrypt_errors,fastapi.group_fastapi_manager,1,1,1,1
Loading
Loading