IRC logs of #tryton for Friday, 2018-06-22

chat.freenode.net #tryton log beginning Fri Jun 22 00:00:01 CEST 2018
-!- udono1(~udono@121-058-210-188.ip-addr.inexio.net) has joined #tryton		23:05
-!- cedk(~ced@gentoo/developer/cedk) has joined #tryton		23:12
-!- Tesla42(~stefan@2001:638:911:10b:134:109:196:3) has joined #tryton		00:20
-!- VlijmenFileer-se(~VlijmenFi@199.195.193.181) has joined #tryton		00:41
-!- kmm(~kmm@142.196.170.87) has joined #tryton		02:35
-!- cryptic(~cryptic@142.196.170.87) has joined #tryton		02:35
-!- cryptic_(~cryptic@142.196.170.87) has joined #tryton		02:36
-!- yangoon(~mathiasb@i59F4A11B.versanet.de) has joined #tryton		02:52
-!- cryptic(~cryptic@142.196.170.87) has joined #tryton		02:54
-!- tafelgeschirr(~tafelgesc@5.104.149.54) has joined #tryton		05:12
-!- Timitos(~kpreisler@host-88-217-184-172.customer.m-online.net) has joined #tryton		05:32
-!- LordVan(~LordVan@gentoo/developer/LordVan) has joined #tryton		06:02
-!- mrichez(~smuxi@mail.saluc.com) has joined #tryton		06:49
-!- jmpoure(~jmpoure@63.109.206.77.rev.sfr.net) has joined #tryton		06:50
-!- rpit(~ralf@p200300C88F352A001CB049140027CE21.dip0.t-ipconnect.de) has joined #tryton		06:58
-!- udono(~udono@121-058-210-188.ip-addr.inexio.net) has joined #tryton		07:18
-!- cedk(~ced@gentoo/developer/cedk) has joined #tryton		07:18
-!- Lordvan_(~LordVan@gentoo/developer/LordVan) has joined #tryton		07:57
-!- LV(~LordVan@gentoo/developer/LordVan) has joined #tryton		08:13
-!- nicoe(~nicoe@2a02:578:858c:500:ee55:f9ff:fe7b:f7ac) has joined #tryton		08:58
-!- Lordvan_(~LordVan@gentoo/developer/LordVan) has joined #tryton		09:16
sisalp	hello, when starting trytond-cron on a 4.8, I get a traceback: https://pastebin.com/pGxKRUFN	09:56
sisalp	anybody had the same ? Can it be matter of postgres version (9.3) ? psycopg2 is psycopg2==2.7.5	09:58
pokoli	sisalp: can not reproduce on 4.9, but from the traceback it seems that you do not have any activated module on the database	09:59
cedk	sisalp: looks like no module is found	10:00
sisalp	pokoli: cedk: indeed the database has just been created by trytond-admin and is waiting its first connection	10:01
sisalp	pokoli: cedk: do you mean that cron will be effective at next restart if someone has installed something in between. It would be ok, just a traceback for new databases.	10:02
cedk	sisalp: no, I mean that no python modules are found	10:05
-!- LV(~LordVan@gentoo/developer/LordVan) has joined #tryton		10:31
-!- orphean(~Orphean@31.192.224.224) has joined #tryton		10:32
-!- Lordvan_(~LordVan@gentoo/developer/LordVan) has joined #tryton		10:47
-!- Tesla42(~stefan@helme-3.informatik.tu-chemnitz.de) has joined #tryton		10:53
-!- mariomop(~quassel@181.110.48.233) has joined #tryton		11:03
sisalp	cedk: is the $TRYTONPASSFILE variable for tryton-admin still supported ?	11:45
pokoli	sisalp: yes it is	11:46
pokoli	sisalp: I use it on my development machine :)	11:46
sisalp	pokoli: thank you, looking elsewhere then ;-)	12:04
-!- mrichez(~smuxi@mail.saluc.com) has joined #tryton		12:08
sisalp	pokoli: looks like trytond-admin is waiting for an email address	12:18
pokoli	sisalp: yes, this is a new feature of 4.8 and it can be specified by flag on trytond-admin	12:19
sisalp	pokoli: what is the use of this email address ?	12:19
pokoli	sisalp: trytond-admin -h should list this flag	12:19
pokoli	sisalp: is the email of the admin user, which can be used to restore the password	12:19
sisalp	pokoli: it does, but it is optionnal	12:20
sisalp	pokoli: when I add an email toto@tata, it is ok, when I don't it prompts to get one.	12:21
sisalp	pokoli: so how to not set an email ?	12:21
pokoli	sisalp: you can not... An email should be set for new databases	12:25
sisalp	pokoli: ok, so, I will forge a fix to set a broken address or something like this.	12:27
pokoli	sisalp: who is the admin user of your database?	12:32
pokoli	sisalp: you? or your customer?	12:32
pokoli	sisalp: in both cases it should have a valid email address so better to set it	12:33
sisalp	pokoli: Is it possible that a test db keeps its admin mail when it is transfered to a production server ? If so, I would be in trouble.	12:36
pokoli	sisalp: yes, the email is keep, but no email will be sent on test environment if no smtp server is configured	12:36
sisalp	pokoli: The typical case is the other side, from test to production, and I won't bet on smtp availability to enforce security.	12:39
sisalp	pokoli: why do we need it ?	12:39
pokoli	sisalp: indeed you can configure a fake smpt server for testing environemnts. Something like: https://github.com/mailhog/MailHog	12:40
pokoli	sisalp: it will be used for password recovery and to send the cron issues (as normally administrator is set as request user)	12:40
sisalp	pokoli: cron issues was my initial guess, so I didn't use it since I monitor the log. password recovery is another story.	12:42
pokoli	sisalp: feel free to use a fake email or a generic email, but it will be good to set this with the email of the administrator: That's why we try to enforce it	12:45
sisalp	pokoli: I guess it was disccuss at the time it was done, if I'm the only one I will forge my server. Seems to me as a bad practice and security concern, in particular at empty database creation step.	12:48
cedk	sisalp: what is the security concern?	12:48
cedk	sisalp: also if you realy do not want to put an email, you can just set it to ''	12:52
cedk	ex: --email ""	12:52
sisalp	cedk: if I understand correctly, when a database backup is moved between two authorities, someone has the possibility to reset a password because his mail was declared at database initialisation.	12:54
sisalp	cedk: --email "" is perfect for me. It makes this address optional.	12:54
pokoli	sisalp: he has the possiblity to reset it's own password	12:54
cedk	sisalp: no, the email does not give the right to reset the password, it is to receive the email	12:54
cedk	sisalp: only an admin group user or via command line, a password can be reset	12:55
sisalp	cedk: perfect	12:55
sisalp	cedk: so how is this email used for password recovery ?	12:56
pokoli	sisalp: https://bugs.tryton.org/issue7037	12:57
cedk	sisalp: for admin user, it is usually from command line: trytond-admin with the option --reset-password	12:57
cedk	sisalp: this allows the operator to reset a password without knowning it	12:57
cedk	sisalp: it should be useful for hoster like you because the reset password uses best practice	12:58
cedk	ex: reset password is valid only once and for a short period	12:58
cedk	not only once but until it is changed	12:59
sisalp	cedk: seems ok. I used to patch on postgresql, for example at restore step, before I start the trytond server, it is quite similar.	13:03
sisalp	pokoli: thank you for the link to the issue, but the link to discuss.tryton.org fails	13:11
cedk	sisalp: it works for m	14:04
sisalp	cedk: works from another place. it is ok.	14:56
cedk	sisalp: is it an internal network issue or more general?	15:00
sisalp	probably on my side	15:00
-!- andrespoliti(~andrespol@181.93.54.196) has joined #tryton		15:27
andrespoliti	hi, i'm in trytond 4.0.15 and account_invoice 4.0.6 How can i restrict a group of users of pressing the pay button of invoice? I inserted an xml record of type ir.model.button for the pay button, and then assigned permissions to a test group, but when i log into a member of test group, i can't press pay	15:29
-!- LV(~LordVan@gentoo/developer/LordVan) has joined #tryton		15:40
cedk	andrespoliti: what is happening?	15:41
andrespoliti	cedk: the permissions for the button appear not to be working	15:41
cedk	andrespoliti: what is happening?	15:41
andrespoliti	cedk: for the button pay of model invoice, i assigned permissions for the groups Administration and test_buttons	15:41
andrespoliti	cedk: when i login with admin, i can press the pay button, but when i login with a member of test_buttons, i can't	15:42
cedk	andrespoliti: why can't you, what is happening?	15:42
andrespoliti	cedk: the button is greyed out	15:43
cedk	andrespoliti: did you refresh the cache?	15:43
andrespoliti	you mean by restarting the client?	15:44
cedk	andrespoliti: everything	15:44
andrespoliti	yes, same thing	15:45
andrespoliti	the test_buttons group also has read and write permissions for invoice	15:46
andrespoliti	cedk: actually, it has read, write, create and delete, and i can create an invoice, but i still can't press any buttons	15:48
andrespoliti	cedk: was it correct to add via xml the definition of the button?	15:51
cedk	andrespoliti: in 4.0 pay button has hardcoded readonly	15:52
andrespoliti	for all except admin?	15:52
andrespoliti	cedk: and how is it hardcoded?	16:02
-!- mariomop_(~quassel@host242.190-138-229.telecom.net.ar) has joined #tryton		16:09
cedk	andrespoliti: http://hg.tryton.org/modules/account_invoice/file/4.0/invoice.py#l259	16:30
andrespoliti	cedk: okey, thanks	16:33
-!- orphean(~Orphean@31.192.224.224) has joined #tryton		17:10
-!- rpit(~ralf@p4FD19118.dip0.t-ipconnect.de) has joined #tryton		19:08
-!- Tesla42(~stefan@anon-49-189.vpn.ipredator.se) has joined #tryton		19:22
-!- semarie(~semarie@unaffiliated/semarie) has joined #tryton		20:00
-!- Tesla42(~stefan@anon-49-164.vpn.ipredator.se) has joined #tryton		20:50
-!- sim6_(~sim6@185.107.106.105) has joined #tryton		21:19
-!- sim6__(~sim6@185.107.106.105) has joined #tryton		21:19
sim6_	hello	21:19
sim6_	demo4.8.tryton.org isn't working :(	21:19
cedk	sim6_: looks like someone has exhausted all available connections	21:34
-!- Tesla42(~stefan@anon-49-223.vpn.ipredator.se) has joined #tryton		21:39
sim6_	cedk: thanks for taking care of that	21:47

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!