| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/server-auth |
| GIT | |
| GIT | https://github.com/OCA/server-auth.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/server-auth/tree/18.0/vault |
| VERSION | |
| VERSION | 1.0.4 |
| CATEGORY | |
| CATEGORY | Vault |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | Yes |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), initOS GmbH |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), initOS GmbH |
| COMMITTERS | |
| COMMITTERS | Weblate, OCA-git-bot, oca-ci, Carlos Roca, CarlosRoca13 |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/server-auth |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 19:30:10 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
odoo/odoo: - base_setup - base - web |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage. The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily. This modules requires a secure context for the browser to work properly and therefore HTTPS support is required. The [vault-recovery](https://github.com/fkantelberg/vault-recovery) project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports. |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
inbox |
inbox | ir.ui.view | qweb | New |
res_config_settings_view_form |
res.config.settings.view.form | res.config.settings | block | Inherits base_setup.res_config_settings_view_form |
view_res_users_key_form |
res.users.key | form | New | |
view_res_users_key_tree |
res.users.key | list | New | |
view_right_form |
vault.right | form | New | |
view_right_tree |
vault.right | list | New | |
view_users_form_keys_modif |
res.users | form | New | |
view_vault_entry_form |
vault.entry | form | New | |
view_vault_entry_full_tree |
vault.entry | list | New | |
view_vault_entry_overview_form |
vault.entry | field | Inherits view_vault_entry_form | |
view_vault_entry_search |
vault.entry.search | vault.entry | search | New |
view_vault_entry_tree |
vault.entry | list | New | |
view_vault_export_wizard |
vault.export.wizard | form | New | |
view_vault_field_form |
vault.field | form | New | |
view_vault_field_tree |
vault.field | list | New | |
view_vault_file_form |
vault.file | form | New | |
view_vault_file_tree |
vault.file | list | New | |
view_vault_form |
vault | form | New | |
view_vault_import_wizard |
vault.import.wizard | form | New | |
view_vault_inbox_form |
vault.inbox | form | New | |
view_vault_inbox_tree |
vault.inbox | list | New | |
view_vault_log_tree |
vault.log | list | New | |
view_vault_right_overview_search |
vault.right.overview.search | vault.right | search | New |
view_vault_right_overview_tree |
vault.right | list | New | |
view_vault_search |
vault.search | vault | search | New |
view_vault_send_wizard |
vault.send.wizard | form | New | |
view_vault_store_wizard |
vault.store.wizard | form | New | |
view_vault_tree |
vault | list | New |
group_vault_export
Boolean
implied_group='vault.group_vault_export'
args: 'Export Vaults'
group_vault_import
Boolean
implied_group='vault.group_vault_import'
args: 'Import Vaults'
module_vault_share
Boolean
No public methods.
active_key
Many2one → res.users.key
compute='_compute_active_key'
store=False
args: 'res.users.key'
inbox_enabled
Boolean
default=True
inbox_ids
One2many → vault.inbox
inbox_link
Char
compute='_compute_inbox_link'
readonly=True
store=False
inbox_token
Char
default=<expr>
readonly=True
keys
One2many → res.users.key
readonly=True
args: 'res.users.key', 'user_id'
vault_right_ids
One2many → vault.right
readonly=True
args: 'vault.right', 'user_id'
action_get_vault(self)
action_invalidate_key(self)
action_new_inbox_token(self)
find_user_of_inbox(self, token)
get_vault_keys(self)
current
Boolean
default=True
readonly=True
fingerprint
Char
compute='_compute_fingerprint'
store=True
iterations
Integer
readonly=True
required=True
iv
Char
readonly=True
required=True
private
Char
readonly=True
required=True
public
Char
readonly=True
required=True
salt
Char
readonly=True
required=True
user_id
Many2one → res.users
required=True
args: 'res.users'
uuid
Char
default=<expr>
readonly=True
required=True
version
Integer
readonly=True
extract_public_key(self, user)
store(self, iterations, iv, private, public, salt, version)
allowed_create
Boolean
compute='_compute_access'
store=False
allowed_delete
Boolean
compute='_compute_access'
store=False
allowed_read
Boolean
compute='_compute_access'
store=False
allowed_share
Boolean
compute='_compute_access'
store=False
allowed_write
Boolean
compute='_compute_access'
store=False
entry_ids
One2many → vault.entry
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'vault_id', 'Log'
master_key
Char
compute='_compute_master_key'
inverse='_inverse_master_key'
store=False
name
Char
required=True
note
Text
perm_user
Many2one → res.users
compute='_compute_access'
store=False
args: 'res.users'
reencrypt_required
Boolean
default=False
right_ids
One2many → vault.right
default=<expr>
args: 'vault.right', 'vault_id', 'Rights'
user_id
Many2one → res.users
default=<expr>
readonly=True
required=True
args: 'res.users', 'Owner'
uuid
Char
default=<expr>
readonly=True
required=True
action_open_export_wizard(self)
action_open_import_wizard(self)
share_public_keys(self)
No new fields.
Public methods (6)check_access(self, operation)
log_entry(self, msg)
log_error(self, msg)
log_info(self, msg)
log_warn(self, msg)
raise_access_error(self)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
entry_id
Many2one → vault.entry
ondelete='cascade'
required=True
args: 'vault.entry'
entry_name
Char
related='entry_id.complete_name'
iv
Char
master_key
Char
compute='_compute_master_key'
store=False
name
Char
required=True
perm_user
Many2one
related='vault_id.perm_user'
store=False
vault_id
Many2one
related='entry_id.vault_id'
create(self, vals_list)
log_change(self, action)
unlink(self)
write(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
child_ids
One2many → vault.entry
complete_name
Char
compute='_compute_complete_name'
readonly=True
recursive=True
store=True
expire_date
Datetime
default=False
args: 'Expires on'
expired
Boolean
compute='_compute_expired'
search='_search_expired'
store=False
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'entry_id', 'Log'
name
Char
required=True
note
Text
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
ondelete='cascade'
args: 'vault.entry', 'Parent'
perm_user
Many2one
related='vault_id.perm_user'
store=False
tags
Many2many → vault.tag
url
Char
user_id
Many2one
related='vault_id.user_id'
uuid
Char
copy=False
default=<expr>
required=True
vault_id
Many2one → vault
ondelete='cascade'
required=True
args: 'vault', 'Vault'
action_open_export_wizard(self)
action_open_import_wizard(self)
copy_data(self, default=None)
create(self, vals_list)
log_change(self, action)
search_panel_select_range(self, field_name, **kwargs)
search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
unlink(self)
content
Binary
attachment=False
args: 'Download'
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Entries'
include_childs
Boolean
default=True
master_key
Char
related='vault_id.master_key'
name
Char
default=<expr>
vault_id
Many2one → vault
No public methods.
value
Char
required=True
No public methods.
value
Binary
attachment=False
search_read(self, *args, **kwargs)
content
Binary
attachment=False
args: 'Database'
crypted_content
Char
master_key
Char
related='vault_id.master_key'
name
Char
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Parent Entry'
path
Many2one → vault.import.wizard.path
default=''
domain="[('uuid', '=', uuid)]"
args: 'vault.import.wizard.path', 'Path to import'
uuid
Char
default=<expr>
vault_id
Many2one → vault
action_import(self)
name
Char
required=True
uuid
Char
required=True
No public methods.
accesses
Integer
default=1
help="If this is 0 the inbox can't be written using the link"
args: 'Access counter'
expiration
Datetime
default=<expr>
help="If expired the inbox can't be written using the link"
filename
Char
inbox_link
Char
compute='_compute_inbox_link'
help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.'
readonly=True
iv
Char
required=True
key
Char
required=True
log_ids
One2many → vault.inbox.log
readonly=True
args: 'vault.inbox.log', 'inbox_id', 'Log'
name
Char
required=True
secret
Char
readonly=True
secret_file
Binary
attachment=False
readonly=True
token
Char
copy=False
default=<expr>
readonly=True
user_id
Many2one → res.users
required=True
args: 'res.users', 'Vault'
find_inbox(self, token)
read(self, *args, **kwargs)
store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)
inbox_id
Many2one → vault.inbox
ondelete='cascade'
readonly=True
required=True
args: 'vault.inbox'
name
Char
readonly=True
No public methods.
entry_id
Many2one → vault.entry
ondelete='cascade'
readonly=True
args: 'vault.entry', 'Entry'
message
Char
readonly=True
required=True
state
Selection
readonly=True
args: <expr>
user_id
Many2one → res.users
readonly=True
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, vals_list)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
key
Char
master_key
Char
readonly=True
related='vault_id.master_key'
store=False
perm_create
Boolean
default=<expr>
help='Allow to create in the vault'
args: 'Create'
perm_delete
Boolean
default=<expr>
help='Allow to delete a vault'
args: 'Delete'
perm_share
Boolean
default=<expr>
help='Allow to share a vault with new users'
args: 'Share'
perm_user
Many2one
related='vault_id.perm_user'
store=False
perm_write
Boolean
default=<expr>
help='Allow to write to the vault'
args: 'Write'
public_key
Char
compute='_compute_public_key'
readonly=True
store=False
user_id
Many2one → res.users
domain=[('keys', '!=', False)]
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, vals_list)
log_access(self)
unlink(self)
write(self, values)
filename
Char
iv
Char
required=True
key
Char
required=True
key_user
Char
required=True
name
Char
required=True
public
Char
related='user_id.active_key.public'
secret
Char
secret_file
Char
user_id
Many2one → res.users
domain=[('keys', '!=', False), ('inbox_enabled', '=', True)]
required=True
args: 'res.users', 'User'
action_send(self)
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
required=True
args: 'vault.entry', 'Entry'
iv
Char
required=True
key
Char
required=True
master_key
Char
compute='_compute_master_key'
store=False
model
Char
required=True
name
Char
required=True
secret
Char
required=True
secret_temporary
Char
required=True
vault_id
Many2one → vault
required=True
args: 'vault', 'Vault'
action_store(self)
name
Char
required=True
No public methods.
| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/server-auth |
| GIT | |
| GIT | https://github.com/OCA/server-auth.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/server-auth/tree/16.0/vault |
| VERSION | |
| VERSION | 1.0.3 |
| CATEGORY | |
| CATEGORY | Vault |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | Yes |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), initOS GmbH |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), initOS GmbH |
| COMMITTERS | |
| COMMITTERS | Weblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/server-auth |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 00:53:43 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
odoo/odoo: - base_setup - base - web |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
inbox |
inbox | ir.ui.view | qweb | New |
res_config_settings_view_form |
res.config.settings.view.form | res.config.settings | div | Inherits base_setup.res_config_settings_view_form |
view_res_users_key_form |
res.users.key | form | New | |
view_res_users_key_tree |
res.users.key | tree | New | |
view_right_form |
vault.right | form | New | |
view_right_tree |
vault.right | tree | New | |
view_users_form_keys_modif |
res.users | form | New | |
view_vault_entry_form |
vault.entry | form | New | |
view_vault_entry_full_tree |
vault.entry | tree | New | |
view_vault_entry_overview_form |
vault.entry | field | Inherits view_vault_entry_form | |
view_vault_entry_search |
vault.entry.search | vault.entry | search | New |
view_vault_entry_tree |
vault.entry | tree | New | |
view_vault_export_wizard |
vault.export.wizard | form | New | |
view_vault_field_form |
vault.field | form | New | |
view_vault_field_tree |
vault.field | tree | New | |
view_vault_file_form |
vault.file | form | New | |
view_vault_file_tree |
vault.file | tree | New | |
view_vault_form |
vault | form | New | |
view_vault_import_wizard |
vault.import.wizard | form | New | |
view_vault_inbox_form |
vault.inbox | form | New | |
view_vault_inbox_tree |
vault.inbox | tree | New | |
view_vault_log_tree |
vault.log | tree | New | |
view_vault_right_overview_search |
vault.right.overview.search | vault.right | search | New |
view_vault_right_overview_tree |
vault.right | tree | New | |
view_vault_search |
vault.search | vault | search | New |
view_vault_send_wizard |
vault.send.wizard | form | New | |
view_vault_store_wizard |
vault.store.wizard | form | New | |
view_vault_tree |
vault | tree | New |
group_vault_export
Boolean
implied_group='vault.group_vault_export'
args: 'Export Vaults'
group_vault_import
Boolean
implied_group='vault.group_vault_import'
args: 'Import Vaults'
module_vault_share
Boolean
No public methods.
active_key
Many2one → res.users.key
compute='_compute_active_key'
store=False
args: 'res.users.key'
inbox_enabled
Boolean
default=True
inbox_ids
One2many → vault.inbox
inbox_link
Char
compute='_compute_inbox_link'
readonly=True
store=False
inbox_token
Char
default=<expr>
readonly=True
keys
One2many → res.users.key
readonly=True
args: 'res.users.key', 'user_id'
vault_right_ids
One2many → vault.right
readonly=True
args: 'vault.right', 'user_id'
action_get_vault(self)
action_invalidate_key(self)
action_new_inbox_token(self)
find_user_of_inbox(self, token)
get_vault_keys(self)
current
Boolean
default=True
readonly=True
fingerprint
Char
compute='_compute_fingerprint'
store=True
iterations
Integer
readonly=True
required=True
iv
Char
readonly=True
required=True
private
Char
readonly=True
required=True
public
Char
readonly=True
required=True
salt
Char
readonly=True
required=True
user_id
Many2one → res.users
required=True
args: 'res.users'
uuid
Char
default=<expr>
readonly=True
required=True
version
Integer
readonly=True
extract_public_key(self, user)
store(self, iterations, iv, private, public, salt, version)
allowed_create
Boolean
compute='_compute_access'
store=False
allowed_delete
Boolean
compute='_compute_access'
store=False
allowed_read
Boolean
compute='_compute_access'
store=False
allowed_share
Boolean
compute='_compute_access'
store=False
allowed_write
Boolean
compute='_compute_access'
store=False
entry_ids
One2many → vault.entry
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'vault_id', 'Log'
master_key
Char
compute='_compute_master_key'
inverse='_inverse_master_key'
store=False
name
Char
required=True
note
Text
perm_user
Many2one → res.users
compute='_compute_access'
store=False
args: 'res.users'
reencrypt_required
Boolean
default=False
right_ids
One2many → vault.right
default=<expr>
args: 'vault.right', 'vault_id', 'Rights'
user_id
Many2one → res.users
default=<expr>
readonly=True
required=True
args: 'res.users', 'Owner'
uuid
Char
default=<expr>
readonly=True
required=True
action_open_export_wizard(self)
action_open_import_wizard(self)
share_public_keys(self)
No new fields.
Public methods (6)check_access_rule(self, operation)
log_entry(self, msg)
log_error(self, msg)
log_info(self, msg)
log_warn(self, msg)
raise_access_error(self)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
entry_id
Many2one → vault.entry
ondelete='cascade'
required=True
args: 'vault.entry'
entry_name
Char
related='entry_id.complete_name'
iv
Char
master_key
Char
compute='_compute_master_key'
store=False
name
Char
required=True
perm_user
Many2one
related='vault_id.perm_user'
store=False
vault_id
Many2one
related='entry_id.vault_id'
create(self, vals_list)
log_change(self, action)
unlink(self)
write(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
child_ids
One2many → vault.entry
complete_name
Char
compute='_compute_complete_name'
readonly=True
recursive=True
store=True
expire_date
Datetime
default=False
args: 'Expires on'
expired
Boolean
compute='_compute_expired'
search='_search_expired'
store=False
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'entry_id', 'Log'
name
Char
required=True
note
Text
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
ondelete='cascade'
args: 'vault.entry', 'Parent'
perm_user
Many2one
related='vault_id.perm_user'
store=False
tags
Many2many → vault.tag
url
Char
user_id
Many2one
related='vault_id.user_id'
uuid
Char
copy=False
default=<expr>
required=True
vault_id
Many2one → vault
ondelete='cascade'
required=True
args: 'vault', 'Vault'
action_open_export_wizard(self)
action_open_import_wizard(self)
copy_data(self, default=None)
create(self, vals_list)
log_change(self, action)
search_panel_select_range(self, field_name, **kwargs)
search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
unlink(self)
content
Binary
attachment=False
args: 'Download'
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Entries'
include_childs
Boolean
default=True
master_key
Char
related='vault_id.master_key'
name
Char
default=<expr>
vault_id
Many2one → vault
No public methods.
value
Char
required=True
No public methods.
value
Binary
attachment=False
search_read(self, *args, **kwargs)
content
Binary
attachment=False
args: 'Database'
crypted_content
Char
master_key
Char
related='vault_id.master_key'
name
Char
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Parent Entry'
path
Many2one → vault.import.wizard.path
default=''
domain="[('uuid', '=', uuid)]"
args: 'vault.import.wizard.path', 'Path to import'
uuid
Char
default=<expr>
vault_id
Many2one → vault
action_import(self)
name
Char
required=True
uuid
Char
required=True
No public methods.
accesses
Integer
default=1
help="If this is 0 the inbox can't be written using the link"
args: 'Access counter'
expiration
Datetime
default=<expr>
help="If expired the inbox can't be written using the link"
filename
Char
inbox_link
Char
compute='_compute_inbox_link'
help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.'
readonly=True
iv
Char
required=True
key
Char
required=True
log_ids
One2many → vault.inbox.log
readonly=True
args: 'vault.inbox.log', 'inbox_id', 'Log'
name
Char
required=True
secret
Char
readonly=True
secret_file
Binary
attachment=False
readonly=True
token
Char
copy=False
default=<expr>
readonly=True
user_id
Many2one → res.users
required=True
args: 'res.users', 'Vault'
find_inbox(self, token)
read(self, *args, **kwargs)
store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)
inbox_id
Many2one → vault.inbox
ondelete='cascade'
readonly=True
required=True
args: 'vault.inbox'
name
Char
readonly=True
No public methods.
entry_id
Many2one → vault.entry
ondelete='cascade'
readonly=True
args: 'vault.entry', 'Entry'
message
Char
readonly=True
required=True
state
Selection
readonly=True
args: <expr>
user_id
Many2one → res.users
readonly=True
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, vals_list)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
key
Char
master_key
Char
readonly=True
related='vault_id.master_key'
store=False
perm_create
Boolean
default=<expr>
help='Allow to create in the vault'
args: 'Create'
perm_delete
Boolean
default=<expr>
help='Allow to delete a vault'
args: 'Delete'
perm_share
Boolean
default=<expr>
help='Allow to share a vault with new users'
args: 'Share'
perm_user
Many2one
related='vault_id.perm_user'
store=False
perm_write
Boolean
default=<expr>
help='Allow to write to the vault'
args: 'Write'
public_key
Char
compute='_compute_public_key'
readonly=True
store=False
user_id
Many2one → res.users
domain=[('keys', '!=', False)]
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, vals_list)
log_access(self)
unlink(self)
write(self, values)
filename
Char
iv
Char
required=True
key
Char
required=True
key_user
Char
required=True
name
Char
required=True
public
Char
related='user_id.active_key.public'
secret
Char
secret_file
Char
user_id
Many2one → res.users
domain=[('keys', '!=', False), ('inbox_enabled', '=', True)]
required=True
args: 'res.users', 'User'
action_send(self)
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
required=True
args: 'vault.entry', 'Entry'
iv
Char
required=True
key
Char
required=True
master_key
Char
compute='_compute_master_key'
store=False
model
Char
required=True
name
Char
required=True
secret
Char
required=True
secret_temporary
Char
required=True
vault_id
Many2one → vault
required=True
args: 'vault', 'Vault'
action_store(self)
name
Char
required=True
No public methods.
| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/server-auth |
| GIT | |
| GIT | https://github.com/OCA/server-auth.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/server-auth/tree/15.0/vault |
| VERSION | |
| VERSION | 2.1.0 |
| CATEGORY | |
| CATEGORY | Vault |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | Yes |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), initOS GmbH |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), initOS GmbH |
| COMMITTERS | |
| COMMITTERS | Weblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/server-auth |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 00:46:32 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
odoo/odoo: - base_setup - base - web |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
inbox |
inbox | ir.ui.view | qweb | New |
res_config_settings_view_form |
res.config.settings.view.form | res.config.settings | div | Inherits base_setup.res_config_settings_view_form |
view_res_users_key_form |
res.users.key | form | New | |
view_res_users_key_tree |
res.users.key | tree | New | |
view_right_form |
vault.right | form | New | |
view_right_tree |
vault.right | tree | New | |
view_users_form_keys_modif |
res.users | form | New | |
view_vault_entry_form |
vault.entry | form | New | |
view_vault_entry_full_tree |
vault.entry | tree | New | |
view_vault_entry_overview_form |
vault.entry | field | Inherits view_vault_entry_form | |
view_vault_entry_search |
vault.entry.search | vault.entry | search | New |
view_vault_entry_tree |
vault.entry | tree | New | |
view_vault_export_wizard |
vault.export.wizard | form | New | |
view_vault_field_form |
vault.field | form | New | |
view_vault_field_tree |
vault.field | tree | New | |
view_vault_file_form |
vault.file | form | New | |
view_vault_file_tree |
vault.file | tree | New | |
view_vault_form |
vault | form | New | |
view_vault_import_wizard |
vault.import.wizard | form | New | |
view_vault_inbox_form |
vault.inbox | form | New | |
view_vault_inbox_tree |
vault.inbox | tree | New | |
view_vault_log_tree |
vault.log | tree | New | |
view_vault_right_overview_search |
vault.right.overview.search | vault.right | search | New |
view_vault_right_overview_tree |
vault.right | tree | New | |
view_vault_search |
vault.search | vault | search | New |
view_vault_send_wizard |
vault.send.wizard | form | New | |
view_vault_store_wizard |
vault.store.wizard | form | New | |
view_vault_tree |
vault | tree | New |
group_vault_export
Boolean
implied_group='vault.group_vault_export'
args: 'Export Vaults'
group_vault_import
Boolean
implied_group='vault.group_vault_import'
args: 'Import Vaults'
module_vault_share
Boolean
No public methods.
active_key
Many2one → res.users.key
compute='_compute_active_key'
store=False
args: 'res.users.key'
inbox_enabled
Boolean
default=True
inbox_ids
One2many → vault.inbox
inbox_link
Char
compute='_compute_inbox_link'
readonly=True
store=False
inbox_token
Char
default=<expr>
readonly=True
keys
One2many → res.users.key
readonly=True
args: 'res.users.key', 'user_id'
vault_right_ids
One2many → vault.right
readonly=True
args: 'vault.right', 'user_id'
action_get_vault(self)
action_invalidate_key(self)
action_new_inbox_token(self)
find_user_of_inbox(self, token)
get_vault_keys(self)
current
Boolean
default=True
readonly=True
fingerprint
Char
compute='_compute_fingerprint'
store=True
iterations
Integer
readonly=True
required=True
iv
Char
readonly=True
required=True
private
Char
readonly=True
required=True
public
Char
readonly=True
required=True
salt
Char
readonly=True
required=True
user_id
Many2one → res.users
required=True
args: 'res.users'
uuid
Char
default=<expr>
readonly=True
required=True
version
Integer
readonly=True
extract_public_key(self, user)
store(self, iterations, iv, private, public, salt, version)
allowed_create
Boolean
compute='_compute_access'
store=False
allowed_delete
Boolean
compute='_compute_access'
store=False
allowed_read
Boolean
compute='_compute_access'
store=False
allowed_share
Boolean
compute='_compute_access'
store=False
allowed_write
Boolean
compute='_compute_access'
store=False
entry_ids
One2many → vault.entry
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'vault_id', 'Log'
master_key
Char
compute='_compute_master_key'
inverse='_inverse_master_key'
store=False
name
Char
required=True
note
Text
perm_user
Many2one → res.users
compute='_compute_access'
store=False
args: 'res.users'
reencrypt_required
Boolean
default=False
right_ids
One2many → vault.right
default=<expr>
args: 'vault.right', 'vault_id', 'Rights'
user_id
Many2one → res.users
default=<expr>
readonly=True
required=True
args: 'res.users', 'Owner'
uuid
Char
default=<expr>
readonly=True
required=True
action_open_export_wizard(self)
action_open_import_wizard(self)
share_public_keys(self)
No new fields.
Public methods (6)check_access_rule(self, operation)
log_entry(self, msg)
log_error(self, msg)
log_info(self, msg)
log_warn(self, msg)
raise_access_error(self)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
entry_id
Many2one → vault.entry
ondelete='cascade'
required=True
args: 'vault.entry'
entry_name
Char
related='entry_id.complete_name'
iv
Char
master_key
Char
compute='_compute_master_key'
store=False
name
Char
required=True
perm_user
Many2one
related='vault_id.perm_user'
store=False
vault_id
Many2one
related='entry_id.vault_id'
create(self, values)
log_change(self, action)
unlink(self)
write(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
child_ids
One2many → vault.entry
complete_name
Char
compute='_compute_complete_name'
readonly=True
recursive=True
store=True
expire_date
Datetime
default=False
args: 'Expires on'
expired
Boolean
compute='_compute_expired'
search='_search_expired'
store=False
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'entry_id', 'Log'
name
Char
required=True
note
Text
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
ondelete='cascade'
args: 'vault.entry', 'Parent'
perm_user
Many2one
related='vault_id.perm_user'
store=False
tags
Many2many → vault.tag
url
Char
user_id
Many2one
related='vault_id.user_id'
uuid
Char
copy=False
default=<expr>
required=True
vault_id
Many2one → vault
ondelete='cascade'
required=True
args: 'vault', 'Vault'
action_open_export_wizard(self)
action_open_import_wizard(self)
copy_data(self, default=None)
create(self, values)
log_change(self, action)
search_panel_select_range(self, field_name, **kwargs)
search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
unlink(self)
content
Binary
attachment=False
args: 'Download'
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Entries'
include_childs
Boolean
default=True
master_key
Char
related='vault_id.master_key'
name
Char
default=<expr>
vault_id
Many2one → vault
No public methods.
value
Char
required=True
No public methods.
value
Binary
attachment=False
search_read(self, *args, **kwargs)
content
Binary
attachment=False
args: 'Database'
crypted_content
Char
master_key
Char
related='vault_id.master_key'
name
Char
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Parent Entry'
path
Many2one → vault.import.wizard.path
default=''
domain="[('uuid', '=', uuid)]"
args: 'vault.import.wizard.path', 'Path to import'
uuid
Char
default=<expr>
vault_id
Many2one → vault
action_import(self)
name
Char
required=True
uuid
Char
required=True
No public methods.
accesses
Integer
default=1
help="If this is 0 the inbox can't be written using the link"
args: 'Access counter'
expiration
Datetime
default=<expr>
help="If expired the inbox can't be written using the link"
filename
Char
inbox_link
Char
compute='_compute_inbox_link'
help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.'
readonly=True
iv
Char
required=True
key
Char
required=True
log_ids
One2many → vault.inbox.log
readonly=True
args: 'vault.inbox.log', 'inbox_id', 'Log'
name
Char
required=True
secret
Char
readonly=True
secret_file
Binary
attachment=False
readonly=True
token
Char
copy=False
default=<expr>
readonly=True
user_id
Many2one → res.users
required=True
args: 'res.users', 'Vault'
find_inbox(self, token)
read(self, *args, **kwargs)
store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)
inbox_id
Many2one → vault.inbox
ondelete='cascade'
readonly=True
required=True
args: 'vault.inbox'
name
Char
readonly=True
No public methods.
entry_id
Many2one → vault.entry
ondelete='cascade'
readonly=True
args: 'vault.entry', 'Entry'
message
Char
readonly=True
required=True
state
Selection
readonly=True
args: <expr>
user_id
Many2one → res.users
readonly=True
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
key
Char
master_key
Char
readonly=True
related='vault_id.master_key'
store=False
perm_create
Boolean
default=<expr>
help='Allow to create in the vault'
args: 'Create'
perm_delete
Boolean
default=<expr>
help='Allow to delete a vault'
args: 'Delete'
perm_share
Boolean
default=<expr>
help='Allow to share a vault with new users'
args: 'Share'
perm_user
Many2one
related='vault_id.perm_user'
store=False
perm_write
Boolean
default=<expr>
help='Allow to write to the vault'
args: 'Write'
public_key
Char
compute='_compute_public_key'
readonly=True
store=False
user_id
Many2one → res.users
domain=[('keys', '!=', False)]
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
log_access(self)
unlink(self)
write(self, values)
filename
Char
iv
Char
required=True
key
Char
required=True
key_user
Char
required=True
name
Char
required=True
public
Char
related='user_id.active_key.public'
secret
Char
required=True
secret_file
Char
user_id
Many2one → res.users
domain=[('keys', '!=', False), ('inbox_enabled', '=', True)]
required=True
args: 'res.users', 'User'
action_send(self)
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
required=True
args: 'vault.entry', 'Entry'
iv
Char
required=True
key
Char
required=True
master_key
Char
compute='_compute_master_key'
store=False
model
Char
required=True
name
Char
required=True
secret
Char
required=True
secret_temporary
Char
required=True
vault_id
Many2one → vault
required=True
args: 'vault', 'Vault'
action_store(self)
name
Char
required=True
No public methods.
| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/server-auth |
| GIT | |
| GIT | https://github.com/OCA/server-auth.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/server-auth/tree/14.0/vault |
| VERSION | |
| VERSION | 1.9.0 |
| CATEGORY | |
| CATEGORY | Vault |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | Yes |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), initOS GmbH |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), initOS GmbH |
| COMMITTERS | |
| COMMITTERS | Víctor Martínez, oca-travis, Weblate, OCA-git-bot, oca-ci, fkantelberg, CarlosRoca13, aromera, oca-git-bot |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/server-auth |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 00:40:55 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
odoo/odoo: - base_setup - base - web |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
assets_backend |
assets_backend | ir.ui.view | qweb | Inherits web.assets_backend |
inbox |
inbox | ir.ui.view | qweb | New |
inbox_frontend |
inbox_frontend | ir.ui.view | qweb | New |
res_config_settings_view_form |
res.config.settings.view.form | res.config.settings | div | Inherits base_setup.res_config_settings_view_form |
tests_assets |
tests_assets | ir.ui.view | qweb | Inherits web.tests_assets |
view_res_users_key_form |
res.users.key | form | New | |
view_res_users_key_tree |
res.users.key | tree | New | |
view_right_form |
vault.right | form | New | |
view_right_tree |
vault.right | tree | New | |
view_users_form_keys_modif |
res.users | form | New | |
view_vault_entry_form |
vault.entry | form | New | |
view_vault_entry_full_tree |
vault.entry | tree | New | |
view_vault_entry_overview_form |
vault.entry | field | Inherits view_vault_entry_form | |
view_vault_entry_search |
vault.entry.search | vault.entry | search | New |
view_vault_entry_tree |
vault.entry | tree | New | |
view_vault_export_wizard |
vault.export.wizard | form | New | |
view_vault_field_form |
vault.field | form | New | |
view_vault_field_tree |
vault.field | tree | New | |
view_vault_file_form |
vault.file | form | New | |
view_vault_file_tree |
vault.file | tree | New | |
view_vault_form |
vault | form | New | |
view_vault_import_wizard |
vault.import.wizard | form | New | |
view_vault_inbox_form |
vault.inbox | form | New | |
view_vault_inbox_tree |
vault.inbox | tree | New | |
view_vault_log_tree |
vault.log | tree | New | |
view_vault_right_overview_search |
vault.right.overview.search | vault.right | search | New |
view_vault_right_overview_tree |
vault.right | tree | New | |
view_vault_search |
vault.search | vault | search | New |
view_vault_send_wizard |
vault.send.wizard | form | New | |
view_vault_store_wizard |
vault.store.wizard | form | New | |
view_vault_tree |
vault | tree | New |
module_vault_share
Boolean
No public methods.
active_key
Many2one → res.users.key
compute='_compute_active_key'
store=False
args: 'res.users.key'
inbox_enabled
Boolean
default=True
inbox_ids
One2many → vault.inbox
inbox_link
Char
compute='_compute_inbox_link'
readonly=True
store=False
inbox_token
Char
default=<expr>
readonly=True
keys
One2many → res.users.key
readonly=True
args: 'res.users.key', 'user_id'
vault_right_ids
One2many → vault.right
readonly=True
args: 'vault.right', 'user_id'
action_get_vault(self)
action_invalidate_key(self)
action_new_inbox_token(self)
find_user_of_inbox(self, token)
get_vault_keys(self)
current
Boolean
default=True
readonly=True
fingerprint
Char
compute='_compute_fingerprint'
store=True
iterations
Integer
readonly=True
required=True
iv
Char
readonly=True
required=True
private
Char
readonly=True
required=True
public
Char
readonly=True
required=True
salt
Char
readonly=True
required=True
user_id
Many2one → res.users
required=True
args: 'res.users'
uuid
Char
default=<expr>
readonly=True
required=True
version
Integer
readonly=True
extract_public_key(self, user)
store(self, iterations, iv, private, public, salt, version)
allowed_create
Boolean
compute='_compute_access'
store=False
allowed_delete
Boolean
compute='_compute_access'
store=False
allowed_read
Boolean
compute='_compute_access'
store=False
allowed_share
Boolean
compute='_compute_access'
store=False
allowed_write
Boolean
compute='_compute_access'
store=False
entry_ids
One2many → vault.entry
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'vault_id', 'Log'
master_key
Char
compute='_compute_master_key'
inverse='_inverse_master_key'
store=False
name
Char
required=True
note
Text
perm_user
Many2one → res.users
compute='_compute_access'
store=False
args: 'res.users'
reencrypt_required
Boolean
default=False
right_ids
One2many → vault.right
default=<expr>
args: 'vault.right', 'vault_id', 'Rights'
user_id
Many2one → res.users
default=<expr>
readonly=True
required=True
args: 'res.users', 'Owner'
uuid
Char
default=<expr>
readonly=True
required=True
action_open_export_wizard(self)
action_open_import_wizard(self)
share_public_keys(self)
No new fields.
Public methods (6)check_access_rule(self, operation)
log_entry(self, msg)
log_error(self, msg)
log_info(self, msg)
log_warn(self, msg)
raise_access_error(self)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
entry_id
Many2one → vault.entry
ondelete='cascade'
required=True
args: 'vault.entry'
entry_name
Char
related='entry_id.complete_name'
iv
Char
master_key
Char
compute='_compute_master_key'
store=False
name
Char
required=True
perm_user
Many2one
related='vault_id.perm_user'
store=False
vault_id
Many2one
related='entry_id.vault_id'
create(self, values)
log_change(self, action)
unlink(self)
write(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
child_ids
One2many → vault.entry
complete_name
Char
compute='_compute_complete_name'
readonly=True
store=True
expire_date
Datetime
default=False
args: 'Expires on'
expired
Boolean
compute='_compute_expired'
search='_search_expired'
store=False
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'entry_id', 'Log'
name
Char
required=True
note
Text
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
ondelete='cascade'
args: 'vault.entry', 'Parent'
perm_user
Many2one
related='vault_id.perm_user'
store=False
tags
Many2many → vault.tag
url
Char
user_id
Many2one
related='vault_id.user_id'
uuid
Char
copy=False
default=<expr>
required=True
vault_id
Many2one → vault
ondelete='cascade'
required=True
args: 'vault', 'Vault'
action_open_export_wizard(self)
action_open_import_wizard(self)
copy_data(self, default=None)
create(self, values)
log_change(self, action)
search_panel_select_range(self, field_name, **kwargs)
search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
unlink(self)
content
Binary
attachment=False
args: 'Download'
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Entries'
include_childs
Boolean
default=True
master_key
Char
related='vault_id.master_key'
name
Char
default=<expr>
vault_id
Many2one → vault
No public methods.
value
Char
required=True
No public methods.
value
Binary
attachment=False
search_read(self, *args, **kwargs)
content
Binary
attachment=False
args: 'Database'
crypted_content
Char
master_key
Char
related='vault_id.master_key'
name
Char
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Parent Entry'
path
Many2one → vault.import.wizard.path
default=''
domain="[('uuid', '=', uuid)]"
args: 'vault.import.wizard.path', 'Path to import'
uuid
Char
default=<expr>
vault_id
Many2one → vault
action_import(self)
name
Char
required=True
uuid
Char
required=True
No public methods.
accesses
Integer
default=1
help="If this is 0 the inbox can't be written using the link"
args: 'Access counter'
expiration
Datetime
default=<expr>
help="If expired the inbox can't be written using the link"
filename
Char
inbox_link
Char
compute='_compute_inbox_link'
help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.'
readonly=True
iv
Char
required=True
key
Char
required=True
log_ids
One2many → vault.inbox.log
readonly=True
args: 'vault.inbox.log', 'inbox_id', 'Log'
name
Char
required=True
secret
Char
readonly=True
secret_file
Binary
attachment=False
readonly=True
token
Char
copy=False
default=<expr>
readonly=True
user_id
Many2one → res.users
required=True
args: 'res.users', 'Vault'
find_inbox(self, token)
read(self, *args, **kwargs)
store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)
inbox_id
Many2one → vault.inbox
ondelete='cascade'
readonly=True
required=True
args: 'vault.inbox'
name
Char
readonly=True
No public methods.
entry_id
Many2one → vault.entry
ondelete='cascade'
readonly=True
args: 'vault.entry', 'Entry'
message
Char
readonly=True
required=True
state
Selection
readonly=True
args: <expr>
user_id
Many2one → res.users
readonly=True
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
key
Char
master_key
Char
readonly=True
related='vault_id.master_key'
store=False
perm_create
Boolean
default=<expr>
help='Allow to create in the vault'
args: 'Create'
perm_delete
Boolean
default=<expr>
help='Allow to delete a vault'
args: 'Delete'
perm_share
Boolean
default=<expr>
help='Allow to share a vault with new users'
args: 'Share'
perm_user
Many2one
related='vault_id.perm_user'
store=False
perm_write
Boolean
default=<expr>
help='Allow to write to the vault'
args: 'Write'
public_key
Char
compute='_compute_public_key'
readonly=True
store=False
user_id
Many2one → res.users
domain=[('keys', '!=', False)]
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
log_access(self)
unlink(self)
write(self, values)
filename
Char
iv
Char
required=True
key
Char
required=True
key_user
Char
required=True
name
Char
required=True
public
Char
related='user_id.active_key.public'
secret
Char
required=True
secret_file
Char
user_id
Many2one → res.users
domain=[('keys', '!=', False), ('inbox_enabled', '=', True)]
required=True
args: 'res.users', 'User'
action_send(self)
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
required=True
args: 'vault.entry', 'Entry'
iv
Char
required=True
key
Char
required=True
master_key
Char
compute='_compute_master_key'
store=False
model
Char
required=True
name
Char
required=True
secret
Char
required=True
secret_temporary
Char
required=True
vault_id
Many2one → vault
required=True
args: 'vault', 'Vault'
action_store(self)
name
Char
required=True
No public methods.
| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/server-auth |
| GIT | |
| GIT | https://github.com/OCA/server-auth.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/server-auth/tree/13.0/vault |
| VERSION | |
| VERSION | 1.4.0 |
| CATEGORY | |
| CATEGORY | Vault |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | Yes |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), initOS GmbH |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), initOS GmbH |
| COMMITTERS | |
| COMMITTERS | OCA Transbot, Víctor Martínez, Weblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca, CarlosRoca13 |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/server-auth |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 00:34:11 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
odoo/odoo: - base_setup - base - web |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
assets_backend |
assets_backend | ir.ui.view | qweb | Inherits web.assets_backend |
inbox |
inbox | ir.ui.view | qweb | New |
inbox_frontend |
inbox_frontend | ir.ui.view | qweb | New |
res_config_settings_view_form |
res.config.settings.view.form | res.config.settings | div | Inherits base_setup.res_config_settings_view_form |
tests_assets |
tests_assets | ir.ui.view | qweb | Inherits web.js_tests_assets |
view_res_users_key_form |
res.users.key | form | New | |
view_res_users_key_tree |
res.users.key | tree | New | |
view_right_form |
vault.right | form | New | |
view_right_tree |
vault.right | tree | New | |
view_users_form_keys_modif |
res.users | form | New | |
view_vault_entry_form |
vault.entry | form | New | |
view_vault_entry_full_tree |
vault.entry | tree | New | |
view_vault_entry_overview_form |
vault.entry | field | Inherits view_vault_entry_form | |
view_vault_entry_search |
vault.entry.search | vault.entry | search | New |
view_vault_entry_tree |
vault.entry | tree | New | |
view_vault_export_wizard |
vault.export.wizard | form | New | |
view_vault_field_form |
vault.field | form | New | |
view_vault_field_tree |
vault.field | tree | New | |
view_vault_file_form |
vault.file | form | New | |
view_vault_file_tree |
vault.file | tree | New | |
view_vault_form |
vault | form | New | |
view_vault_import_wizard |
vault.import.wizard | form | New | |
view_vault_inbox_form |
vault.inbox | form | New | |
view_vault_inbox_tree |
vault.inbox | tree | New | |
view_vault_log_tree |
vault.log | tree | New | |
view_vault_right_overview_search |
vault.right.overview.search | vault.right | search | New |
view_vault_right_overview_tree |
vault.right | tree | New | |
view_vault_search |
vault.search | vault | search | New |
view_vault_send_wizard |
vault.send.wizard | form | New | |
view_vault_store_wizard |
vault.store.wizard | form | New | |
view_vault_tree |
vault | tree | New |
module_vault_share
Boolean
No public methods.
active_key
Many2one → res.users.key
compute='_compute_active_key'
store=False
args: 'res.users.key'
inbox_enabled
Boolean
default=True
inbox_ids
One2many → vault.inbox
inbox_link
Char
compute='_compute_inbox_link'
readonly=True
store=False
inbox_token
Char
default=<expr>
readonly=True
keys
One2many → res.users.key
readonly=True
args: 'res.users.key', 'user_id'
vault_right_ids
One2many → vault.right
readonly=True
args: 'vault.right', 'user_id'
action_get_vault(self)
action_invalidate_key(self)
action_new_inbox_token(self)
find_user_of_inbox(self, token)
get_vault_keys(self)
current
Boolean
default=True
readonly=True
fingerprint
Char
compute='_compute_fingerprint'
store=True
iterations
Integer
readonly=True
required=True
iv
Char
readonly=True
required=True
private
Char
readonly=True
required=True
public
Char
readonly=True
required=True
salt
Char
readonly=True
required=True
user_id
Many2one → res.users
required=True
args: 'res.users'
uuid
Char
default=<expr>
readonly=True
required=True
extract_public_key(self, user)
store(self, iterations, iv, private, public, salt)
allowed_create
Boolean
compute='_compute_access'
store=False
allowed_delete
Boolean
compute='_compute_access'
store=False
allowed_read
Boolean
compute='_compute_access'
store=False
allowed_share
Boolean
compute='_compute_access'
store=False
allowed_write
Boolean
compute='_compute_access'
store=False
entry_ids
One2many → vault.entry
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'vault_id', 'Log'
master_key
Char
compute='_compute_master_key'
inverse='_inverse_master_key'
store=False
name
Char
required=True
note
Text
perm_user
Many2one → res.users
compute='_compute_access'
store=False
args: 'res.users'
reencrypt_required
Boolean
default=False
right_ids
One2many → vault.right
default=<expr>
args: 'vault.right', 'vault_id', 'Rights'
user_id
Many2one → res.users
default=<expr>
readonly=True
required=True
args: 'res.users', 'Owner'
uuid
Char
default=<expr>
readonly=True
required=True
action_open_export_wizard(self)
action_open_import_wizard(self)
share_public_keys(self)
No new fields.
Public methods (6)check_access_rule(self, operation)
log_entry(self, msg)
log_error(self, msg)
log_info(self, msg)
log_warn(self, msg)
raise_access_error(self)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
entry_id
Many2one → vault.entry
ondelete='cascade'
required=True
args: 'vault.entry'
entry_name
Char
related='entry_id.complete_name'
iv
Char
master_key
Char
compute='_compute_master_key'
store=False
name
Char
required=True
perm_user
Many2one
related='vault_id.perm_user'
store=False
vault_id
Many2one
related='entry_id.vault_id'
create(self, values)
log_change(self, action)
unlink(self)
write(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
child_ids
One2many → vault.entry
complete_name
Char
compute='_compute_complete_name'
readonly=True
store=True
expire_date
Datetime
default=False
args: 'Expires on'
expired
Boolean
compute='_compute_expired'
search='_search_expired'
store=False
field_ids
One2many → vault.field
file_ids
One2many → vault.file
log_ids
One2many → vault.log
readonly=True
args: 'vault.log', 'entry_id', 'Log'
name
Char
required=True
note
Text
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
ondelete='cascade'
args: 'vault.entry', 'Parent'
perm_user
Many2one
related='vault_id.perm_user'
store=False
tags
Many2many → vault.tag
url
Char
user_id
Many2one
related='vault_id.user_id'
uuid
Char
copy=False
default=<expr>
required=True
vault_id
Many2one → vault
ondelete='cascade'
required=True
args: 'vault', 'Vault'
action_open_export_wizard(self)
action_open_import_wizard(self)
copy_data(self, default=None)
create(self, values)
log_change(self, action)
search_panel_select_range(self, field_name)
search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
unlink(self)
content
Binary
attachment=False
args: 'Download'
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Entries'
include_childs
Boolean
default=True
master_key
Char
related='vault_id.master_key'
name
Char
default=<expr>
vault_id
Many2one → vault
No public methods.
value
Char
required=True
No public methods.
value
Binary
attachment=False
search_read(self, *args, **kwargs)
content
Binary
attachment=False
args: 'Database'
crypted_content
Char
master_key
Char
related='vault_id.master_key'
name
Char
parent_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
args: 'vault.entry', 'Parent Entry'
path
Many2one → vault.import.wizard.path
default=''
domain="[('uuid', '=', uuid)]"
args: 'vault.import.wizard.path', 'Path to import'
uuid
Char
default=<expr>
vault_id
Many2one → vault
action_import(self)
name
Char
required=True
uuid
Char
required=True
No public methods.
accesses
Integer
default=1
help="If this is 0 the inbox can't be written using the link"
args: 'Access counter'
expiration
Datetime
default=<expr>
help="If expired the inbox can't be written using the link"
filename
Char
inbox_link
Char
compute='_compute_inbox_link'
help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.'
readonly=True
iv
Char
required=True
key
Char
required=True
log_ids
One2many → vault.inbox.log
readonly=True
args: 'vault.inbox.log', 'inbox_id', 'Log'
name
Char
required=True
secret
Char
readonly=True
secret_file
Binary
attachment=False
readonly=True
token
Char
copy=False
default=<expr>
readonly=True
user_id
Many2one → res.users
required=True
args: 'res.users', 'Vault'
find_inbox(self, token)
read(self, *args, **kwargs)
store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)
inbox_id
Many2one → vault.inbox
ondelete='cascade'
readonly=True
required=True
args: 'vault.inbox'
name
Char
readonly=True
No public methods.
entry_id
Many2one → vault.entry
ondelete='cascade'
readonly=True
args: 'vault.entry', 'Entry'
message
Char
readonly=True
required=True
state
Selection
readonly=True
args: <expr>
user_id
Many2one → res.users
readonly=True
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
allowed_create
Boolean
related='vault_id.allowed_create'
store=False
allowed_delete
Boolean
related='vault_id.allowed_delete'
store=False
allowed_read
Boolean
related='vault_id.allowed_read'
store=False
allowed_share
Boolean
related='vault_id.allowed_share'
store=False
allowed_write
Boolean
related='vault_id.allowed_write'
store=False
key
Char
master_key
Char
readonly=True
related='vault_id.master_key'
store=False
perm_create
Boolean
default=<expr>
help='Allow to create in the vault'
args: 'Create'
perm_delete
Boolean
default=<expr>
help='Allow to delete a vault'
args: 'Delete'
perm_share
Boolean
default=<expr>
help='Allow to share a vault with new users'
args: 'Share'
perm_user
Many2one
related='vault_id.perm_user'
store=False
perm_write
Boolean
default=<expr>
help='Allow to write to the vault'
args: 'Write'
public_key
Char
compute='_compute_public_key'
readonly=True
store=False
user_id
Many2one → res.users
domain=[('keys', '!=', False)]
required=True
args: 'res.users', 'User'
vault_id
Many2one → vault
ondelete='cascade'
readonly=True
required=True
args: 'vault', 'Vault'
create(self, values)
log_access(self)
unlink(self)
write(self, values)
filename
Char
iv
Char
required=True
key
Char
required=True
key_user
Char
required=True
name
Char
required=True
public
Char
related='user_id.active_key.public'
secret
Char
required=True
secret_file
Char
user_id
Many2one → res.users
domain=[('keys', '!=', False), ('inbox_enabled', '=', True)]
required=True
args: 'res.users', 'User'
action_send(self)
entry_id
Many2one → vault.entry
domain="[('vault_id', '=', vault_id)]"
required=True
args: 'vault.entry', 'Entry'
iv
Char
required=True
key
Char
required=True
master_key
Char
compute='_compute_master_key'
store=False
model
Char
required=True
name
Char
required=True
secret
Char
required=True
secret_temporary
Char
required=True
vault_id
Many2one → vault
required=True
args: 'vault', 'Vault'
action_store(self)
name
Char
required=True
No public methods.