EBICS 3.0 - add extra checks on settings

This commit is contained in:
Luc De Meyer 2022-12-23 15:16:22 +01:00
parent 4a2a1e0b64
commit 7fc84111ac
3 changed files with 27 additions and 1 deletions

View File

@ -163,6 +163,12 @@ class EbicsConfig(models.Model):
def _default_ebics_keys(self): def _default_ebics_keys(self):
return "/".join(["/etc/odoo/ebics_keys", self._cr.dbname]) return "/".join(["/etc/odoo/ebics_keys", self._cr.dbname])
@api.constrains("ebics_key_bitlength")
def _check_ebics_key_bitlength(self):
for cfg in self:
if cfg.ebics_version == "H005" and cfg.ebics_key_bitlength < 2048:
raise UserError(_("EBICS key bitlength must be >= 2048."))
@api.constrains("order_number") @api.constrains("order_number")
def _check_order_number(self): def _check_order_number(self):
for cfg in self: for cfg in self:

View File

@ -64,6 +64,7 @@ class EbicsUserID(models.Model):
ebics_config_id = fields.Many2one( ebics_config_id = fields.Many2one(
comodel_name="ebics.config", string="EBICS Configuration", ondelete="cascade" comodel_name="ebics.config", string="EBICS Configuration", ondelete="cascade"
) )
ebics_version = fields.Selection(related="ebics_config_id.ebics_version")
user_ids = fields.Many2many( user_ids = fields.Many2many(
comodel_name="res.users", comodel_name="res.users",
string="Users", string="Users",
@ -185,12 +186,23 @@ class EbicsUserID(models.Model):
rec.ebics_keys_fn rec.ebics_keys_fn
) )
@api.constrains("ebics_key_x509")
def _check_ebics_key_x509(self):
for cfg in self:
if cfg.ebics_version == "H005" and not cfg.ebics_key_x509:
raise UserError(_("X.509 certificates must be used with EBICS 3.0."))
@api.constrains("ebics_passphrase") @api.constrains("ebics_passphrase")
def _check_ebics_passphrase(self): def _check_ebics_passphrase(self):
for rec in self: for rec in self:
if not rec.ebics_passphrase or len(rec.ebics_passphrase) < 8: if not rec.ebics_passphrase or len(rec.ebics_passphrase) < 8:
raise UserError(_("The passphrase must be at least 8 characters long")) raise UserError(_("The passphrase must be at least 8 characters long"))
@api.onchange("ebics_version")
def _onchange_ebics_version(self):
if self.ebics_version == "H005":
self.ebics_key_x509 = True
@api.onchange("signature_class") @api.onchange("signature_class")
def _onchange_signature_class(self): def _onchange_signature_class(self):
if self.signature_class == "T": if self.signature_class == "T":
@ -292,7 +304,14 @@ class EbicsUserID(models.Model):
kwargs = {k: v for k, v in dn_attrs.items() if v} kwargs = {k: v for k, v in dn_attrs.items() if v}
user.create_certificates(**kwargs) user.create_certificates(**kwargs)
try:
client = EbicsClient(bank, user, version=ebics_version) client = EbicsClient(bank, user, version=ebics_version)
except RuntimeError as err:
e = exc_info()
error = _("EBICS Initialization Error:")
error += "\n"
error += err.args[0]
raise UserError(error) from err
# Send the public electronic signature key to the bank. # Send the public electronic signature key to the bank.
ebics_config_bank = self.ebics_config_id.journal_ids[0].bank_id ebics_config_bank = self.ebics_config_id.journal_ids[0].bank_id

View File

@ -85,6 +85,7 @@
<group name="main" attrs="{'readonly': [('state', '!=', 'draft')]}"> <group name="main" attrs="{'readonly': [('state', '!=', 'draft')]}">
<field name="ebics_keys_found" invisible="1" /> <field name="ebics_keys_found" invisible="1" />
<field name="ebics_keys_fn" invisible="1" /> <field name="ebics_keys_fn" invisible="1" />
<field name="ebics_version" invisible="1" />
<group name="main-left"> <group name="main-left">
<field name="name" /> <field name="name" />
<field <field