Contributors mailing list archives

contributors@odoo-community.org

Re: Migration auth_admin_passkey to 11.0 and 12.0

by
InitOS GmbH, Florian Kantelberg
- 21/06/2019 14:03:51

Hi,

as far as I understood: the main point would be that you can do things as the other user. The system will only show that the user did something while the admin actually did it.

But I'm not sure either and asked our person in charge of GDPR.

Regards.

On 21.06.19 at 11:12, Sylvain LE GAL wrote:
Hi,

Could you specify what the problem(s) regarding the GDPR are?
Regarding the full access that is granted by this module, it is given to the admin user only, who has, by design, access to the whole database (ACL bypassed).


Kind regards.

Sylvain LE GAL - Twitter
GRAP - IT Department (Groupement Régional Alimentaire de Proximité)
Website | FramaSphere | Facebook
3 Grande rue des Feuillants, 69001 Lyon
Office: (+33) 09.72.32.33.17 - On-call: (+33) 06.81.85.61.43
Member of the OCA (Odoo Community Association)


On Thu, 20 June 2019 at 15:17, Florian Kantelberg <florian.kantelberg@initos.com> wrote:

Hi,

I would propose an OTP-like process for the auth_admin_passkey and a change in the login process for the admin. It would be GDPR-compliant if the user has to generate an OTP first and give that to the admin who wants to access his account. The admin therefore needs his own password + the OTP from the user to log in as a different user. The OTP can have a lifetime as well.

I can try to migrate the module with the mentioned changes in the next few days if there are no further concerns.

Regards.

On 17.06.19 at 09:17, Davide Corio wrote:
Hi,
I believe that the module itself is not a risk; using it the wrong way might be.

That module remains really useful during the development phase.


On Fri, Jun 14, 2019 at 3:52 PM Pedro M. Baeza (Tecnativa) <pedro.baeza@tecnativa.com> wrote:
Yes, server-auth is the right host. I think nobody has migrated yet because of the risks of violating GDPR.

Regards.

_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe



--
Davide Corio
Odoo Solution Architect
Mobile: +39 340 810 6954


-- 
Kind regards

Florian Kantelberg
Software Developer

initOS GmbH
An der Eisenbahn 1
21224 Rosengarten

Tel.: +49 (0) 4105 5615644
Fax: +49 (0) 4105 5615610

Email: florian.kantelberg@initos.com
Internet: http://www.initos.com

Management:
Dr.-Ing. Frederik Kramer & Dipl.-Ing. (FH) Torsten Francke

Registered office: Rosengarten – Klecken
Local court: Tostedt, HRB 205226
VAT ID: DE 815580155
Tax no.: 15/200/53247
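
The flow proposed in the thread above (the user issues a time-limited OTP, the admin presents their own password plus that OTP), as an added sketch that is not code from auth_admin_passkey or from any participant. `DelegatedLogin`, its method names, the 300-second lifetime, single-use OTPs and the audit log are assumptions made for illustration; the audit entry records the acting admin next to the impersonated user, which is the attribution concern raised in the first message.

```python
import hashlib
import hmac
import secrets
import time

OTP_LIFETIME = 300  # seconds; assumed, the thread only says the OTP "can have a lifetime"


class DelegatedLogin:
    """Toy credential store; hypothetical names, not the module's API."""

    def __init__(self, admin_login, admin_password):
        self.admin_login = admin_login
        self._salt = secrets.token_bytes(16)
        self._admin_hash = self._kdf(admin_password)
        self._otps = {}      # user login -> (SHA-256 digest of OTP, expiry timestamp)
        self.audit_log = []  # (timestamp, acting login, effective login)

    def _kdf(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def generate_otp(self, user_login, now=None):
        """Called by the user: consent to one admin login on their account."""
        now = time.time() if now is None else now
        otp = secrets.token_urlsafe(16)
        # Store only a digest; a new OTP replaces any earlier one for this user.
        digest = hashlib.sha256(otp.encode()).digest()
        self._otps[user_login] = (digest, now + OTP_LIFETIME)
        return otp  # handed to the admin out of band

    def login_as(self, user_login, admin_password, otp, now=None):
        """Called by the admin: needs their own password plus the user's OTP."""
        now = time.time() if now is None else now
        password_ok = hmac.compare_digest(self._kdf(admin_password), self._admin_hash)
        digest, expiry = self._otps.get(user_login, (b"", 0.0))
        otp_ok = hmac.compare_digest(hashlib.sha256(otp.encode()).digest(), digest)
        if not (password_ok and otp_ok and now <= expiry):
            return False
        del self._otps[user_login]  # single use
        # Record who really acted, so the action is not attributed to the user alone.
        self.audit_log.append((now, self.admin_login, user_login))
        return True
```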
